Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe

Overview

General Information

Sample name:SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe
Analysis ID:1417615
MD5:dbb69ee00786bed3e12a04518e0f469a
SHA1:40a82d88b06e6be8ba82fab34b4a29305466202a
SHA256:dbc32537a29f5eba5406aa3f2ae409eb52ea904e76c19a74bfb480a8c8c63d69
Tags:exe
Infos:

Detection

Score:34
Range:0 - 100
Whitelisted:false
Confidence:0%

Compliance

Score:35
Range:0 - 100

Signatures

Multi AV Scanner detection for submitted file
Contains functionality to register a low level keyboard hook
Found direct / indirect Syscall (likely to bypass EDR)
Installs a global event hook (focus changed)
Tries to harvest and steal browser information (history, passwords, etc)
Writes many files with high entropy
Adds / modifies Windows certificates
Binary contains a suspicious time stamp
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to launch a process as a different user
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Drops certificate files (DER)
Drops files with a non-matching file extension (content does not match file extension)
EXE planting / hijacking vulnerabilities found
Found dropped PE file which has not been started or loaded
Found evaded block containing many API calls
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries keyboard layouts
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the product ID of Windows
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Searches the installation path of Mozilla Firefox
Stores large binary data to the registry
Tries to load missing DLLs
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Analysis Advice

Sample may offer command line options, please run it with the 'Execute binary with arguments' cookbook (it's possible that the command line switches require additional characters like: "-", "/", "--")
Sample drops PE files which have not been started, submit dropped PE samples for a secondary analysis to Joe Sandbox
Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior
Sample searches for specific file, try point organization specific fake files to the analysis machine
Sample has functionality to log and monitor keystrokes, analyze it with the 'Simulates keyboard and window changes' cookbook

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe (PID: 6512 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe" MD5: DBB69EE00786BED3E12A04518E0F469A)
    • SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp (PID: 5996 cmdline: "C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp" /SL5="$1043A,1055917,832512,C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe" MD5: 668D5368DEF8B65631C43EECBD50EA48)
      • OperaGXSetup.exe (PID: 1396 cmdline: "C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --silent --allusers=0 MD5: 3C5239C753641E08EA3C2080FBFD5D51)
        • OperaGXSetup.exe (PID: 3276 cmdline: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x6bb4623c,0x6bb46248,0x6bb46254 MD5: 3C5239C753641E08EA3C2080FBFD5D51)
        • OperaGXSetup.exe (PID: 5068 cmdline: "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version MD5: 3C5239C753641E08EA3C2080FBFD5D51)
        • OperaGXSetup.exe (PID: 652 cmdline: "C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=1396 --package-dir-prefix="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20240329191858" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=7005000000000000 MD5: 3C5239C753641E08EA3C2080FBFD5D51)
          • OperaGXSetup.exe (PID: 4612 cmdline: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x308,0x30c,0x310,0x2d8,0x314,0x6aeb623c,0x6aeb6248,0x6aeb6254 MD5: 3C5239C753641E08EA3C2080FBFD5D51)
          • installer.exe (PID: 3504 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --backend --initial-pid=1396 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --package-dir="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --install-subfolder=107.0.5045.79 MD5: 21AD4599ABD2E158DB5128F32D3CC4EE)
            • installer.exe (PID: 6188 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2a4,0x2d4,0x7ff8a8dad180,0x7ff8a8dad18c,0x7ff8a8dad198 MD5: 21AD4599ABD2E158DB5128F32D3CC4EE)
            • explorer.exe (PID: 1028 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)
              • opera.exe (PID: 5144 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040 --lowered-browser MD5: F452A15BC7E4392149F6BB2675EAAA59)
                • opera_crashreporter.exe (PID: 2436 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648 MD5: 26DF88B2E68E23B60C0EEAB3E29496BB)
                • opera.exe (PID: 2952 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1848 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:2 MD5: F452A15BC7E4392149F6BB2675EAAA59)
                • opera.exe (PID: 5436 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --enable-quic --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=1972 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8 MD5: F452A15BC7E4392149F6BB2675EAAA59)
                • opera.exe (PID: 3136 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=2776 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8 MD5: F452A15BC7E4392149F6BB2675EAAA59)
                • opera.exe (PID: 5372 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3216 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8 MD5: F452A15BC7E4392149F6BB2675EAAA59)
                • opera.exe (PID: 3204 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3356 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8 MD5: F452A15BC7E4392149F6BB2675EAAA59)
                • opera.exe (PID: 5336 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4364 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8 MD5: F452A15BC7E4392149F6BB2675EAAA59)
                • opera.exe (PID: 6452 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4764 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8 MD5: F452A15BC7E4392149F6BB2675EAAA59)
            • launcher.exe (PID: 5656 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe" --start-maximized MD5: D737A64C835D918DBE53B2C7724488FF)
              • opera_gx_splash.exe (PID: 2992 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exe" --instance-name=a7abe095bcfd6dc868442c2e858a30d1 MD5: 706FE814240C22A6CB09FBF48CB86020)
              • opera.exe (PID: 3656 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040 MD5: F452A15BC7E4392149F6BB2675EAAA59)
                • opera_crashreporter.exe (PID: 5860 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x284,0x288,0x28c,0x280,0x290,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648 MD5: 26DF88B2E68E23B60C0EEAB3E29496BB)
            • koksDTqWjvmuJdFhyPGiECl.exe (PID: 6416 cmdline: "C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
            • koksDTqWjvmuJdFhyPGiECl.exe (PID: 1096 cmdline: "C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe (PID: 4952 cmdline: "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe" MD5: E9A2209B61F4BE34F25069A6E54AFFEA)
        • assistant_installer.exe (PID: 4320 cmdline: "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --version MD5: 4C8FBED0044DA34AD25F781C3D117A66)
          • assistant_installer.exe (PID: 2964 cmdline: "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0xdb4f48,0xdb4f58,0xdb4f64 MD5: 4C8FBED0044DA34AD25F781C3D117A66)
  • launcher.exe (PID: 1220 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe" --scheduledautoupdate 0 MD5: D737A64C835D918DBE53B2C7724488FF)
    • installer.exe (PID: 2316 cmdline: "C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exe" --version MD5: 21AD4599ABD2E158DB5128F32D3CC4EE)
    • opera_autoupdate.exe (PID: 5516 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --pipeid=oauc_task_piped42b87436846297e467003cba27fe2f4 --version=107.0.5045.79 --producttype --requesttype=automatic --downloaddir="C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B" --installationdatadir="C:\Users\user\AppData\Local\Programs\Opera GX" --operadir="C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79" --installdir="C:\Users\user\AppData\Local\Programs\Opera GX" --user-data-dir="C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" --nometrics --scheduledtask MD5: 6026F4719045033EFD7EC6127ED6370C)
      • opera_autoupdate.exe (PID: 2972 cmdline: "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --type=crashpad-handler "--user-data-dir=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6e85938fc,0x7ff6e8593908,0x7ff6e8593918 MD5: 6026F4719045033EFD7EC6127ED6370C)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeReversingLabs: Detection: 36%
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeVirustotal: Detection: 43%Perma Link
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: -----BEGIN PUBLIC KEY-----
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer_helper_64.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\notification_helper.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\launcher.exeJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeEXE: opera_crashreporter.exe
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeJump to behavior

Compliance

barindex
EXE planting / hijacking vulnerabilities found
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer_helper_64.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\notification_helper.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\launcher.exeJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeEXE: opera_crashreporter.exe
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeJump to behavior
Uses 32bit PE files
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
Creates a software uninstall entry
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Opera GX 107.0.5045.79
Creates install or setup log file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer\opera_installer_20240329191858040.logJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer\opera_installer_20240329191858956.logJump to behavior
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeFile created: C:\Users\user\AppData\Local\Temp\assistant_installer_20240329191920.logJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer\opera_installer_20240329191955376.logJump to behavior
Creates license or readme file
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\license.txtJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\aria.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\background_worker.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\command_line.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\prompt.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\webpage_content_reporter.js.LICENSE.txt
PE / OLE file has a valid certificate
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeStatic PE information: certificate valid
Contains modern PE file flags such as dynamic base (ASLR) or NX
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Binary contains paths to debug symbols
Source: Binary string: assistant_installer.exe.pdb source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000A.00000002.2287318786.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000A.00000000.2279825246.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000002.2287730492.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D95000.00000002.00000001.01000000.00000011.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\installer.exe.pdb source: installer.exe, 0000000D.00000000.2625467719.00007FF65F4F1000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000D.00000002.2912907901.00007FF65F4F1000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628685156.00007FF65F4F1000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000002.2927392639.00007FF65F4F1000.00000002.00000001.01000000.00000012.sdmp
Source: Binary string: browser_assistant.exe.pdb source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: &NoreCommonProxyStub.pdb` source: opera.exe, 00000015.00000002.2788182722.0000608400264000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: rpcrt4.pdb source: opera.exe, 00000015.00000002.2790381999.00006084002B8000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera1\chromium\src\out\Release\installer_lib.dll.pdb`, source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp
Source: Binary string: _lib.dll.pdb source: OperaGXSetup.exe, 00000003.00000000.2054100396.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000000.2056341913.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000000.2059162821.0000000000BC7000.00000080.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000000.2062343834.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000007.00000000.2065156473.0000000000387000.00000080.00000001.01000000.00000008.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera1\chromium\src\out\Release\installer.exe.pdbp source: OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000131000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000131000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000971000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000131000.00000040.00000001.01000000.00000008.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\opera_gx_splash.exe.pdb source: opera_gx_splash.exe, 00000014.00000002.2851904218.00007FF7F8645000.00000002.00000001.01000000.00000019.sdmp, opera_gx_splash.exe, 00000014.00000000.2730619162.00007FF7F8645000.00000002.00000001.01000000.00000019.sdmp
Source: Binary string: .exe.pdb source: OperaGXSetup.exe, 00000003.00000000.2054100396.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000000.2056341913.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000000.2059162821.0000000000BC7000.00000080.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000000.2062343834.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000007.00000000.2065156473.0000000000387000.00000080.00000001.01000000.00000008.sdmp
Source: Binary string: oreCommonProxyStub.pdb source: opera.exe, 00000015.00000002.2788182722.0000608400264000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: .dll.pdbbC:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\localization.pdb` source: opera.exe, 00000015.00000002.2788927719.000060840027C000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: oreCommonProxyStub.pdb8 source: opera.exe, 00000015.00000002.2788182722.0000608400264000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: elbase.pdb` source: opera.exe, 00000015.00000002.2787646170.0000608400254000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: browser_assistant.exe.pdbe source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: `ser.dll.pdbREG_SZ source: opera.exe, 00000015.00000002.2788927719.000060840027C000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera1\chromium\src\out\Release\installer_lib.dll.pdb source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp
Source: Binary string: 4D0E03503C68E569FAA6DC931.pdb source: opera.exe, 00000015.00000002.2787828487.0000608400258000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: assistant_installer.exe.pdb@ source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000A.00000002.2287318786.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000A.00000000.2279825246.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000002.2287730492.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D95000.00000002.00000001.01000000.00000011.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\installer_lib.dll.pdb source: installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\opera.exe.pdb source: opera.exe, 00000015.00000000.2733582758.00007FF69A9C0000.00000002.00000001.01000000.0000001B.sdmp, opera.exe, 00000015.00000002.2798211012.00007FF69A9C0000.00000002.00000001.01000000.0000001B.sdmp
Source: Binary string: .exe.pdbp source: OperaGXSetup.exe, 00000003.00000000.2054100396.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000000.2056341913.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000000.2059162821.0000000000BC7000.00000080.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000000.2062343834.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000007.00000000.2065156473.0000000000387000.00000080.00000001.01000000.00000008.sdmp
Source: Binary string: _lib.dll.pdb`, source: OperaGXSetup.exe, 00000003.00000000.2054100396.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000000.2056341913.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000000.2059162821.0000000000BC7000.00000080.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000000.2062343834.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000007.00000000.2065156473.0000000000387000.00000080.00000001.01000000.00000008.sdmp
Source: Binary string: mojo_core.dll.pdb source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: ntdll.pdb source: opera.exe, 00000015.00000002.2790381999.00006084002B8000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera1\chromium\src\out\Release\installer.exe.pdb source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000131000.00000040.00000001.01000000.00000008.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\launcher.exe.pdb source: installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, launcher.exe, 00000012.00000000.2711688977.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000012.00000002.2770887188.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000013.00000000.2728056334.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp
Source: Binary string: a_browser.dll.pdb` source: opera.exe, 00000015.00000002.2787828487.0000608400258000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: win32u.pdb source: opera.exe, 00000015.00000002.2790381999.00006084002B8000.00000004.00001000.00020000.00000000.sdmp
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_004033B3 GetFileAttributesW,SetLastError,FindFirstFileW,FindClose,CompareFileTime,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00402F12 FindFirstFileW,SetFileAttributesW,lstrcmpW,lstrcmpW,SetFileAttributesW,DeleteFileW,FindNextFileW,FindClose,SetFileAttributesW,RemoveDirectoryW,??3@YAXPAX@Z,??3@YAXPAX@Z,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C69120 PathMatchSpecW,FindNextFileW,FindClose,FindFirstFileExW,GetLastError,GetFileAttributesW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CF9AE2 FindFirstFileExW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C69120 PathMatchSpecW,FindNextFileW,FindClose,FindFirstFileExW,GetLastError,GetFileAttributesW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CF9AE2 FindFirstFileExW,
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData\Local\Temp
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData\Local\Temp\.opera
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData\Local
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 4x nop then movd mm0, dword ptr [edx]
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 4x nop then movd mm0, dword ptr [edx]
Source: Joe Sandbox ViewIP Address: 204.79.197.200 204.79.197.200
Source: Joe Sandbox ViewIP Address: 13.107.246.40 13.107.246.40
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: "favicon_url": "https://www.rambler.ru/favicon.ico", equals www.rambler.ru (Rambler)
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: "favicon_url": "https://www.yahoo.co.jp/favicon.ico", equals www.yahoo.com (Yahoo)
Source: installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: c. Facebook Messenger: A messaging service provided by Facebook, Inc., Meta Platforms Ireland Ltd. or related companies, depending on where you are accessing their services. Terms of use are available at https://www.facebook.com/legal/terms; and equals www.facebook.com (Facebook)
Source: installer.exe, 0000000D.00000002.2909496035.00004D5400250000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: %t www.rambler.ru/favicon.ico equals www.rambler.ru (Rambler)
Source: installer.exe, 0000000D.00000002.2909496035.00004D5400250000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: %|0www.yahoo.co.jp/favicon.ico equals www.yahoo.com (Yahoo)
Source: installer.exe, 0000000D.00000002.2909496035.00004D5400250000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: -5FD9-449D-BC75-77CA217403AEMT%t www.rambler.ru/favicon.icoMT%tP-6733-479C-9086-7B21A2292DDAMT%t equals www.rambler.ru (Rambler)
Source: OperaGXSetup.exeString found in binary or memory: hatsapp.com/legal; and c. Facebook Messenger: A messaging service provided by Facebook, Inc., Meta Platforms Ireland Ltd. or related companies, depending on where you are accessing their services. Terms of use are available at https://www.facebook.com/l equals www.facebook.com (Facebook)
Source: installer.exe, 0000000D.00000002.2909496035.00004D5400250000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: search.yahoo.com/favicon.icoMT%|-8BF3-11E2-9E96-0800200C9A66MT%|0www.yahoo.co.jp/favicon.icoMT%| equals www.yahoo.com (Yahoo)
Source: installer.exe, 0000000D.00000002.2909496035.00004D5400250000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: www.rambler.ru/favicon.ico equals www.rambler.ru (Rambler)
Source: installer.exe, 0000000D.00000002.2909496035.00004D5400250000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: www.rambler.ru/favicon.icoMT%t equals www.rambler.ru (Rambler)
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/1423136
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2162
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2517
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2970
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3078
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3205
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3206
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3452
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3502
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3577
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3584
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3586
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3623
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3624
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3625
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3832
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3862
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3965
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3970
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4324
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4384
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4405
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4428
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4551
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4633
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4722
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4836
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4901
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4937
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5007
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5055
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6755
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7036
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7370
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7724
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7761
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8291
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8297
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8417
Source: OperaGXSetup.exeString found in binary or memory: http://autoupdate-staging.services.ams.osa/
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://autoupdate-staging.services.ams.osa/v4/v5/netinstaller///windows/x64v2/Fetching
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2254642691.00000000041F0000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258206440.0000000036468000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000003.00000003.2254727628.00000000041F9000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B0B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2707241317.0000000009AF9000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2876553319.000000000420E000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2842408108.000000000420D000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2254642691.00000000041F0000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258206440.0000000036468000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: OperaGXSetup.exe, 00000003.00000002.2876049672.00000000041ED000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.00000000041EE000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.00000000041EE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedR
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258206440.0000000036468000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2068606370.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2070277997.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/codesigningrootr45.crl0V
Source: explorer.exe, 00000011.00000000.2700552070.0000000000F13000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.v
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2254642691.00000000041F0000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258206440.0000000036468000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000003.00000003.2254727628.00000000041F9000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2876553319.000000000420E000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2842408108.000000000420D000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B0B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2707241317.0000000009AF9000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2254642691.00000000041F0000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258206440.0000000036468000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2876553319.000000000420E000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2842408108.000000000420D000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.dig-
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2876553319.000000000420E000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2842408108.000000000420D000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B0B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2707241317.0000000009AF9000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2254642691.00000000041F0000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0K
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2876553319.000000000420E000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2842408108.000000000420D000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en
Source: OperaGXSetup.exe, 00000003.00000002.2876049672.00000000041ED000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.00000000041EE000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.00000000041EE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://issuetracker.google.com/200067929
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://localhost:3001api/prefs/?product=$1&version=$2..
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2254642691.00000000041F0000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, explorer.exe, 00000011.00000000.2707241317.0000000009B0B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2707241317.0000000009AF9000.00000004.00000001.00020000.00000000.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258206440.0000000036468000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329653768.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000003.00000002.2868631396.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2254642691.00000000041F0000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258206440.0000000036468000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000003.00000003.2254727628.00000000041F9000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://ocsp.digicert.com0C
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0H
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0I
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2876553319.000000000420E000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2842408108.000000000420D000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0O
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258206440.0000000036468000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
Source: explorer.exe, 00000011.00000000.2707241317.00000000099B0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2068606370.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2070277997.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F
Source: explorer.exe, 00000011.00000000.2706420448.0000000008870000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000011.00000000.2706461577.0000000008890000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000011.00000000.2705925353.0000000007DC0000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2068606370.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2070277997.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A
Source: explorer.exe, 00000011.00000000.2719335016.000000000C8B4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.autoitscript.com/autoit3/J
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2254642691.00000000041F0000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2876553319.000000000420E000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000003.00000003.2322618930.000000000420A000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2842408108.000000000420D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1959440394.0000000002540000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.1964992515.00000000035E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.dk-soft.org/
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1959440394.0000000002540000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.1964992515.00000000035E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.kymoto.org
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1959440394.0000000002540000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.1964992515.00000000035E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.kymoto.orgAbout
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1959440394.0000000002540000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.1964992515.00000000035E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.kymoto.orgAcerca
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.opera.com
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2058322710.00000000034D7000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000574000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000DB4000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000574000.00000040.00000001.01000000.00000008.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635989187.000001D885A43000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2913720158.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F9CE000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000013.00000003.2737224538.0000020C10421000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.opera.com0
Source: opera.exe, 00000015.00000002.2773390727.00000243C5AB7000.00000002.00000001.00040000.00000024.sdmpString found in binary or memory: http://www.unicode.org/copyright.html
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/?q=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://accounts.spotify.com/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://accounts.youtube.com
Source: explorer.exe, 00000011.00000000.2711336676.000000000C4DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
Source: launcher.exe, 00000013.00000000.2728056334.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://addons.opera.com/en/extensions/details/dify-cashback/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/0239ef3d7c95570d61b12b2fb509af435ccc2131/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/0f0e5f62d66c60ed333aca63dd12b74d89b1197f/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/13655f413caacdcc677b24dc0c615d1f5328d6a3/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/175c553e1afe06b6eba448d5d51821f3b3200c23/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/1eccff548be9e5afea58974ea48f09611bb0971f/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/2f7d465d32db944b1a50d34569ecc10aa71d7b1b/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/313b7f796952f2b34bf6bce6ba10a7b51bd18913/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/3ed7347a5e10c404ea6cb96281265ff23092cf8f/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/434b0a6daa530638a964132e86b8a01d7b39aa7c/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/47495671858c844787b75a7b65d83bf0f4daa0b7/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/47ac1e141dfbb826480ad739f82202f33942e3a9/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/4d3d8f7f070d279fbe0d2795e10e69fbab5d3824/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/505f20c0ceb331ebec9f6b8d9def5e0f59be4612/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/5a244c9761df69fd3c6925ff8f639d24e28b1169/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/626b4fd1d224c0f6344647a9049bdade45c11e10/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635441252.000001D885A3C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/7090985e32fa004ea7f01e519549d5bb07e36e57/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/7537081f498da9b83d5905e8a6aa77283f222bc3/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/7ce8277c35ac7d51701decad652c060741bd7e48/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/7d5c2a2d6136fbf166211d5183bf66214a247f31/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/80c7dd8db07f193d40005f1a4c59dbc922d41bbc/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/9972667e4a17fabc1af14d8a388078a2069c5be3/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635441252.000001D885A3C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/aaa83eac6890a9a6e2273ea51d6f2f2915b1a019/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/aad01b6c6f7f2f01bea6584af044c96d8850f748/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/ad5beaae2fc679ccba1db1f7b3c9503d8da6ec70/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/cf1b58b29b4efc97d4cd45328f0ab79f541469d4/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/d31e12a38bccc4ce61b2fe8e6fd3160ec5191274/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635441252.000001D885A3C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/d62bc2d4349d61e94daa48a5c49b897f6bfcd166/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/d7966d331216ef6a7affdecb3ee81600ba5c34d3/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635441252.000001D885A3C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/e27cf3ebc2172a1a7d9cb6978a031ef52ed55596/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/e3f47f1911ec0c9b987871ea7bc7da7525594997/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://addons.opera.com/extensions/download/fd1ad64e991dece2a0e4b2c8d5b45d22d513bd8b/
Source: explorer.exe, 00000011.00000000.2704927087.00000000076F8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/8300
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/8417
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.browser.yandex.ua/suggest/get?part=
Source: explorer.exe, 00000011.00000000.2707241317.0000000009ADB000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
Source: explorer.exe, 00000011.00000000.2704927087.0000000007637000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://appleid.apple.com
Source: explorer.exe, 00000011.00000000.2702026651.00000000035FA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.coml
Source: assistant_installer.exe, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000012.00000000.2711688977.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000012.00000002.2770887188.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000013.00000000.2728056334.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000032A8000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000A.00000000.2279825246.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D67000.00000002.00000001.01000000.00000011.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/.opera.comOpera
Source: OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/api/prefs/?product=Opera
Source: OperaGXSetup.exe, 00000003.00000002.2876049672.00000000041ED000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.00000000041EE000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329653768.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2868631396.0000000000C89000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/api/prefs/?product=Opera%20GX&version=107.0.5045.79
Source: OperaGXSetup.exe, 00000003.00000003.2329765016.00000000041EE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/api/prefs/?product=Opera%20GX&version=107.0.5045.79Y
Source: installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, launcher.exe, 00000012.00000000.2711688977.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000012.00000002.2770887188.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000013.00000000.2728056334.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/developernightlyStableinstaller_prefs.jsonNightlyDeveloperNextStabl
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/geolocation/
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/geolocation/5e
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/https://autoupdate.geo.opera.com/geolocation/OperaDesktopGXhttps://
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071672649.0000000000C54000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://autoupdate.geo.opera.com/v5/netinstaller/gx/Stable/windows/x64
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://browser-notifications.opera.com/api/v1/
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://browser-notifications.opera.com/api/v1/333333
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
Source: OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://config.gx.games/
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://config.gx.games/D
Source: OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000CB1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://config.gx.games/a
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://config.gx.games/l
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://config.gx.games/v0/config
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CCA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://config.gx.games/v0/config?utm_campaign=PWN_US_PB4_3742&utm_medium=pa&utm_source=PWNgames&pro
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://config.gx.games/v0/configeditionutm_campaign=%s&utm_medium=%s&utm_source=%s&product=%s&chann
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://consent.youtube.com
Source: assistant_installer.exe, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://crashpad.chromium.org/
Source: assistant_installer.exe, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://crashpad.chromium.org/bug/new
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000032A8000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000A.00000000.2279825246.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://crashpad.chromium.org/https://crashpad.chromium.org/bug/new
Source: installer.exe, 0000000E.00000002.2921864598.000001D74CF70000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000003.2919717296.00004A5000238000.00000004.00001000.00020000.00000000.sdmp, opera.exe, 00000015.00000003.2747900384.00006084002E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submit
Source: OperaGXSetup.exe, 00000004.00000002.2888087861.0000000000D78000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000004.00000003.2885355182.000000002C02C000.00000004.00001000.00020000.00000000.sdmp, assistant_installer.exe, 0000000B.00000002.2288172997.0000000005148000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000E.00000002.2921864598.000001D74CF79000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000E.00000003.2919717296.00004A5000238000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submit--annotation=channel=Stable--annotation=plat=
Source: assistant_installer.exe, 0000000B.00000002.2288172997.0000000005148000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submit/
Source: OperaGXSetup.exe, 00000004.00000002.2888935161.000000002C024000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submit0x2e4
Source: assistant_installer.exe, 0000000B.00000002.2288172997.0000000005140000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submit1
Source: installer.exe, 0000000E.00000002.2926616195.00004A50002C4000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submitJP
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000032A8000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000A.00000000.2279825246.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D67000.00000002.00000001.01000000.00000011.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submitOperaDesktopGX
Source: assistant_installer.exe, 0000000B.00000002.2288172997.0000000005140000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000B.00000002.2288172997.0000000005148000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submitll$
Source: assistant_installer.exe, 0000000B.00000002.2288172997.0000000005148000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crashstats-collector.opera.com/collector/submitr
Source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://curl.haxx.se/docs/http-cookies.html
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/SysWOW64
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/Xw
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/appxBundleSipPutSignedDataMsgniuid=Dll-f522-46c3
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/etUrlCache
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/r-sub.osp.opera.software/N
Source: OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071672649.0000000000C54000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binary
Source: OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000CB1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binary$
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071672649.0000000000C54000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binary&
Source: OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binary(
Source: OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binary)
Source: OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binary0
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binary8
Source: OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binarye
Source: OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryera.software
Source: OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryera.software3
Source: OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryera.softwareV
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryera.softwarep
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryey.netLMEMP
Source: OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryfU
Source: OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryh
Source: OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryiW
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryj
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryp
Source: OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000C95000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binarypn
Source: OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://desktop-netinstaller-sub.osp.opera.software/v1/binaryyV
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download.opera.com/
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download.opera.com/4
Source: OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download.opera.com/R
Source: OperaGXSetup.exe, 00000003.00000002.2868119126.0000000000C72000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843688988.0000000000C72000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000C85000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849151827.000000003622A000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000C95000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download.opera.com/download/get/?id=52318&autoupdate=1&ni=1
Source: OperaGXSetup.exe, 00000003.00000003.2843688988.0000000000C62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download.opera.com/download/get/?id=65442&autoupdate=1&ni=1&stream=stable&utm_campaign=PWN_U
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://download.opera.com/download/get/?partner=www&opsys=Windows&utm_source=netinstaller
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download3.operacdn.com/
Source: OperaGXSetup.exe, 00000003.00000003.2329765016.00000000041EE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download3.operacdn.com/res/servicefiles/partner_content/std-1/1698947853-custom_partner_cont
Source: OperaGXSetup.exe, 00000003.00000003.2087266746.00000000041FC000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download5.operacdn.com/
Source: OperaGXSetup.exe, 00000003.00000003.2322618930.00000000041EE000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.00000000041EE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download5.operacdn.com/ftp/pub/.assistant_gx/73.0.3856.382/Opera_GX_assistant_73.0.3856.382_
Source: OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087414766.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087266746.00000000041EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://download5.operacdn.com/ftp/pub/opera_gx/107.0.5045.79/win/Opera_GX_107.0.5045.79_Autoupdate_
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?q=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.ico
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.com
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2708034650.00004D5400360000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://extension-updates.opera.com/api/omaha/update/
Source: installer.exe, 0000000D.00000003.2708034650.00004D5400360000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://extension-updates.opera.com/api/omaha/update/MT6L
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071654247.0000000000C74000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://features.opera-api2.com/
Source: OperaGXSetup.exe, 00000003.00000003.2071654247.0000000000C74000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://features.opera-api2.com/C
Source: OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://features.opera-api2.com/Q
Source: installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://features.opera-api2.com/api/v2/features?country=%s&language=%s&uuid=%s&product=%s&channel=%s
Source: OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CCA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://features.opera-api2.com/api/v2/features?country=US&language=en-GB&uuid=a818e77b-17e4-452c-91
Source: OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CCA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://features.opera-api2.com/api/v2/features?country=US&language=en-GB&uuid=a818e77b-i
Source: OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000CB1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://features.opera-api2.com/cy
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://ff.search.yahoo.com/gossip?output=fxjson&command=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://gaana.com/
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://gamemaker.io
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://gamemaker.io)
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://gamemaker.io/en/education.
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://gamemaker.io/en/get.
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://help.instagram.com/581066165581870;
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000012.00000002.2766223989.000060EC00288000.00000004.00001000.00020000.00000000.sdmp, opera.exe, 00000015.00000002.2787646170.0000608400254000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://help.opera.com/latest/
Source: launcher.exe, 00000012.00000002.2766223989.000060EC00288000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://help.opera.com/latest/https://www.opera.com/gx/https://www.opera.com/gx/
Source: opera.exe, 00000015.00000002.2787646170.0000608400254000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://help.opera.com/latest/https://www.opera.com/gx/https://www.opera.com/gx/org.chromium.trace_e
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/161903006
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/166809097
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/184850002
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/187425444
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/220069903
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/229267970
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/250706693
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/253522366
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/255411748
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/258207403
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/274859104
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/284462263
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/288119108
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/292282210
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/292285899
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/309028728
Source: opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/issues/166475273
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000000.1959021067.0000000000401000.00000020.00000001.01000000.00000003.sdmpString found in binary or memory: https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://lamertang.com/4-peali-c1d-eny0-f8i
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://legal.opera.com/eula/computers
Source: installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://legal.opera.com/privacy
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://legal.opera.com/privacy.
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009CA000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://legal.opera.com/terms
Source: installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://legal.opera.com/terms.
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://listen.tidal.com/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://listen.tidal.com/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://login.tidal.com
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/at/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/au/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/be/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/bg/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/br/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/by/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ca/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ch/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/cn/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/cz/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/de/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/dk/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/eg/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/es/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/fi/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/fr/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/gb/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/hu/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/id/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/in/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/it/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/jp/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ke/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/kr/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/kz/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ma/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/mx/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/my/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ng/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/nl/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/no/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ph/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/pl/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ro/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/rs/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ru/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/se/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/sg/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/sk/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/th/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/tr/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/ua/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/us/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/vn/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.apple.com/za/browse
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://music.youtube.com
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://nova.rambler.ru/suggest?v=3&query=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://oauth.play.pl/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://offer.tidal.com
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://open.spotify.com
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://opera.com/privacy
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.com
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1959440394.0000000002540000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.1964992515.00000000035E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://partners-offapi.net/apiBundle/geo?sourceID=
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1959440394.0000000002540000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.1964992515.00000000035E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://partners-offapi.net/apiBundle/stpstat?
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009CA000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://policies.google.com/terms;
Source: explorer.exe, 00000011.00000000.2711336676.000000000C460000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.comcember
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://redir.opera.com/amazon/?q=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://redir.opera.com/search/rambler/?q=
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://redir.opera.com/uninstallsurvey/
Source: OperaGXSetup.exe, 00000003.00000002.2883636587.00000000362D0000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2846781095.0000000036360000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2847065121.00000000362E0000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000C85000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849151827.000000003622A000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000002.2910949110.00004D54002EC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://redir.opera.com/www.opera.com/gx/firstrun/?utm_campaign=PWN_US_PB4_3742&utm_content=3742_set
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://search.seznam.cz/?q=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://search.yahoo.co.jp/search?ei=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://search.yahoo.com/favicon.ico
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://search.yahoo.com/search?ei=
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://smolecular.icu/tfg/?src=setupIO
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://soundcloud.com/
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://sourcecode.opera.com
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://suggest.yandex.com.tr/suggest-opera?part=
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009CA000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://telegram.org/tos/
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://translate.yandex.fr/?text=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://translate.yandex.net/main/v2.92.1465389915/i/favicon.ico
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://try.opera.com/72TR
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://try.opera.com/72TR8R7/KLRL579/?sub1=se
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://try.opera.com/72TR8R7/KLRL579/?sub1=setupio&s
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2701335122.0000000001731000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: https://try.opera.com/72TR8R7/KLRL579/?sub1=setupio&sub2=31120
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://twitter.com/en/tos;
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/oauth
Source: explorer.exe, 00000011.00000000.2707241317.00000000099B0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/)s
Source: explorer.exe, 00000011.00000000.2707241317.00000000099B0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.comon
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/favicon.ico
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/baidu?wd=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/favicon.ico
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/bg/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/br/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/cz/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/de/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/en/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/es/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/fi/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/fr/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/hu/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/id/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/it/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/mx/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/nl/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/no/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/pl/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/ro/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/ru/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/se/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/sk/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/sr/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/th/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/tr/login
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.deezer.com/us/login
Source: OperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2849481285.000000003620C000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278541806.0000000000700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
Source: OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2068606370.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2070277997.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2078168773.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071466547.0000000000C95000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.globalsign.com/repository/0
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=opera&q=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/favicon.ico
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=opera-gx&q=
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1960705178.0000000002680000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1961058453.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000000.1962311586.0000000000401000.00000020.00000001.01000000.00000004.sdmpString found in binary or memory: https://www.innosetup.com/
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://www.opera.com
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://www.opera.com..
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.opera.com/eula/comQnu
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.opera.com/eula/computers
Source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000012.00000002.2766223989.000060EC00288000.00000004.00001000.00020000.00000000.sdmp, opera.exe, 00000015.00000002.2787646170.0000608400254000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.opera.com/gx/
Source: installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://www.opera.com/privacy
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.rambler.ru/favicon.ico
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1960705178.0000000002680000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1961058453.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000000.1962311586.0000000000401000.00000020.00000001.01000000.00000004.sdmpString found in binary or memory: https://www.remobjects.com/ps
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.seznam.cz/favicon.ico
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.so.com/favicon.ico
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.so.com/s?src=lm&ls=sm2561755&lm_extend=ctype:31&q=
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009CA000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://www.whatsapp.com/legal;
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.yahoo.co.jp/favicon.ico
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://yandex.com.tr/search/?clid=1669559&text=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://yandex.fr/search/?clid=2358536&text=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://yandex.ua/search/?clid=2358536&text=
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://yastatic.net/s3/home-static/_/92/929b10d17990e806734f68758ec917ec.png
Source: installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://yastatic.net/s3/home-static/_/f4/f47b1b3d8194c36ce660324ab55a04fe.png

Key, Mouse, Clipboard, Microphone and Screen Capturing

barindex
Contains functionality to register a low level keyboard hook
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00408643 SetWindowsHookExW 00000002,Function_00008615,00000000,00000000
Installs a global event hook (focus changed)
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeWindows user hook set: Path: unknown Event Start:focus Event End: focus Module: NULL
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2E248BEDDBB2D85122423C41028BFD4Jump to dropped file

Spam, unwanted Advertisements and Ransom Demands

barindex
Writes many files with high entropy
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\Opera_GX_107.0.5045.79_Autoupdate_x64[1].exe entropy: 7.99999542145Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\opera_package entropy: 7.99999542145
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\assistant_package entropy: 7.99594864967Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\standard_themes\default_dark_theme.zip entropy: 7.99758785849
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\standard_themes\gx-1-classic-dark.zip entropy: 7.99068917764
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\standard_themes\gx-1-classic-light.zip entropy: 7.99103298049
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\standard_themes\gx-classic-dark.zip entropy: 7.99869813049
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\standard_themes\gx-classic-light.zip entropy: 7.99851425914
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_142773148\CRX_INSTALL\img\portfolio_background.e09645c2.webp entropy: 7.99762050423
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_142773148\CRX_INSTALL\img\welcome_page_coin_logos.0d4e909e.webp entropy: 7.99152249428
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\f650f111a3b890d116f1.woff2 entropy: 7.99099116763
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\themes_backup\default_dark_theme.zip entropy: 7.99758785849
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\browser.js entropy: 7.99201652294
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\themes_backup\gx-1-classic-dark.zip entropy: 7.99068917764
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\siteprefs.json entropy: 7.99072559961
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\themes_backup\gx-1-classic-light.zip entropy: 7.99103298049
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\themes_backup\gx-classic-dark.zip entropy: 7.99869813049
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\themes_backup\gx-classic-light.zip entropy: 7.99851425914
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_142773148\CRX_INSTALL\img\crypto_wallet_background.34d522e0.webp entropy: 7.99397847277
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\73ea273a72f4aca30ca5.woff2 entropy: 7.99266429164
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\assets\twitch-placeholder@x1.png entropy: 7.99139191957
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\39890742bc957b368704.woff2 entropy: 7.99294636507
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_4152286\classic.png entropy: 7.99067960013
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_812821631\GX_Wallpaper_classic.png entropy: 7.99798626337
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1282861814\GX_Wallpaper_Light_classic.png entropy: 7.99720505853
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1587385142\classic.png entropy: 7.99067960013
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1254482314\GX_Wallpaper_classic.png entropy: 7.99798626337
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_106807459\GX_Wallpaper_Light_classic.png entropy: 7.99720505853
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C22770: CreateFileW,DeviceIoControl,GetLastError,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C64EE0 SetHandleInformation,SetHandleInformation,CreateEnvironmentBlock,CreateProcessAsUserW,DestroyEnvironmentBlock,GetEnvironmentStringsW,FreeEnvironmentStringsW,CreateProcessW,AssignProcessToJobObject,AllowSetForegroundWindow,WaitForSingleObject,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00405750
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_0041304B
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_0040AD40
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00412910
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_004132E3
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00412F71
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C50EE0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C7B18D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C7F1B4
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C7F782
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D3FBCF
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CC206C
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C0A170
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C722C0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C10290
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA8257
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C76390
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C38480
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C6C460
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C54410
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D4243A
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CDE6D0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C107C0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C20746
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CCC718
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C54730
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C548E0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D5C89C
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CB8860
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D40864
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C8A9F0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D5C954
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA6940
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C58AC0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D42ACB
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CAAA50
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C72B10
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA6CB0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C16C76
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C7EDD0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA6DE0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CF6D0E
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C58EC0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CAAE80
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D64EB6
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CCAE18
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA6F90
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C96F50
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA5055
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CCD014
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C29180
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D41189
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CC11A6
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D43130
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CB7280
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C913D4
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C57370
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA7330
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C194D2
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C654D0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C894F0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CC9494
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CCB436
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CF35F4
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CAB54D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA5540
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C0F504
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C87520
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CAB66D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C4D7D0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CAB749
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C6D72F
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA78C0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C6F8B0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CCD98E
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CCB934
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CABAD5
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D43A9D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CADA7D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C0DA78
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CB7B40
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D61B41
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C6FB00
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CABCDD
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C1BC70
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C95DD0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C93DE0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CE5D00
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C65D10
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C6FD10
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA9E80
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CA7EB0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C9FE30
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C0FFC0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D3BFB0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C95FB0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C1DF40
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C77F3A
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CC206C
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CF6D0E
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C0A170
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C722C0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C10290
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA8257
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C76390
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C38480
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C6C460
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C54410
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D4243A
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CDE6D0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C107C0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C20746
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CCC718
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C54730
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C548E0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D5C89C
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CB8860
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D40864
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C8A9F0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D5C954
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA6940
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C58AC0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D42ACB
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CAAA50
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C72B10
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA6CB0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C16C76
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C7EDD0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA6DE0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C58EC0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C50EE0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CAAE80
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D64EB6
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CCAE18
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA6F90
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C96F50
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA5055
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CCD014
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C29180
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C7B18D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D41189
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CC11A6
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C7F1B4
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D43130
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CB7280
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C913D4
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C57370
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA7330
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C194D2
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C654D0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C894F0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CC9494
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CCB436
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CF35F4
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CAB54D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA5540
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C0F504
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C87520
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CAB66D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C4D7D0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C7F782
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CAB749
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C6D72F
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA78C0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C6F8B0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CCD98E
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CCB934
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CABAD5
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D43A9D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CADA7D
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C0DA78
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D3FBCF
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CB7B40
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D61B41
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C6FB00
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CABCDD
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C1BC70
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C95DD0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C93DE0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CE5D00
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C65D10
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C6FD10
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA9E80
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CA7EB0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C9FE30
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C0FFC0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D3BFB0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C95FB0
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C1DF40
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C77F3A
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: String function: 004026DC appears 38 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C4B9C0 appears 168 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C01741 appears 414 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C58590 appears 33 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C41BBC appears 34 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C03696 appears 128 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00D57CF8 appears 49 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C40C44 appears 56 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C4BEC0 appears 281 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C40AA2 appears 44 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00D542D0 appears 118 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C4BE50 appears 80 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C4C9E0 appears 83 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00D3A840 appears 85 times
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: String function: 00C48B80 appears 56 times
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp.0.drStatic PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: installer.exe.6.drStatic PE information: Resource name: RT_RCDATA type: PE32+ executable (DLL) (console) x86-64, for MS Windows
Source: installer.exe.19.drStatic PE information: Resource name: RT_RCDATA type: PE32+ executable (DLL) (console) x86-64, for MS Windows
Source: opera_crashreporter.exe.6.drStatic PE information: Number of sections : 13 > 10
Source: libEGL.dll.6.drStatic PE information: Number of sections : 11 > 10
Source: installer.exe.6.drStatic PE information: Number of sections : 11 > 10
Source: vulkan-1.dll.6.drStatic PE information: Number of sections : 11 > 10
Source: mojo_core.dll.6.drStatic PE information: Number of sections : 11 > 10
Source: opera_autoupdate.exe.6.drStatic PE information: Number of sections : 14 > 10
Source: opera_elf.dll.6.drStatic PE information: Number of sections : 11 > 10
Source: installer.exe.19.drStatic PE information: Number of sections : 11 > 10
Source: libGLESv2.dll.6.drStatic PE information: Number of sections : 11 > 10
Source: win10_share_handler.dll.6.drStatic PE information: Number of sections : 11 > 10
Source: opera.exe.6.drStatic PE information: Number of sections : 11 > 10
Source: launcher.exe.13.drStatic PE information: Number of sections : 13 > 10
Source: opera_browser.dll.6.drStatic PE information: Number of sections : 15 > 10
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: Number of sections : 15 > 10
Source: notification_helper.exe.6.drStatic PE information: Number of sections : 12 > 10
Source: opera.exe.13.drStatic PE information: Number of sections : 11 > 10
Source: launcher.exe.6.drStatic PE information: Number of sections : 13 > 10
Source: dxcompiler.dll.6.drStatic PE information: Number of sections : 11 > 10
Source: vk_swiftshader.dll.6.drStatic PE information: Number of sections : 11 > 10
Source: opera_gx_splash.exe.6.drStatic PE information: Number of sections : 11 > 10
Source: installer_helper_64.exe.6.drStatic PE information: Number of sections : 11 > 10
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: Number of sections : 15 > 10
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: Number of sections : 15 > 10
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1961058453.000000007FE35000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFileName vs SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000000.1959121556.00000000004C6000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFileName vs SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1960705178.0000000002778000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFileName vs SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeRegistry key queried: HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\118.0.1 (x64 en-US)\Main Install Directory
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeSection loaded: version.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeSection loaded: netapi32.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeSection loaded: netutils.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeSection loaded: uxtheme.dll
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: mpr.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: netapi32.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: wtsapi32.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: winsta.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: mscms.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: coloradapterclient.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: shfolder.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: rstrtmgr.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: textshaping.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: winhttpcom.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: webio.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: winnsi.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: schannel.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: mskeyprotect.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: ncryptsslp.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: gpapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: mlang.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: dpapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: explorerframe.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: msftedit.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: windows.globalization.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: bcp47langs.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: bcp47mrm.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: globinputhost.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: windows.ui.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: windowmanagementapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: inputhost.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: dhcpcsvc6.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: edputil.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: windows.staterepositoryps.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: appresolver.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: slc.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: sppc.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: onecorecommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: pcacli.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: sfc_os.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpSection loaded: oleacc.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winnsi.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: schannel.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: mskeyprotect.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dpapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: gpapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: ncryptsslp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: cryptnet.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dhcpcsvc6.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: webio.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeSection loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: linkinfo.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: ntshrui.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: cscapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: appresolver.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: bcp47langs.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: slc.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: sppc.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: windows.staterepositoryps.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: windows.fileexplorer.common.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: oleacc.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: uiamanager.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: sxs.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: actxprxy.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: taskschd.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: xmllite.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: firewallapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: fwbase.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: fwpolicyiomgr.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: twinapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeSection loaded: iertutil.dll
Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dll
Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
Source: C:\Windows\explorer.exeSection loaded: msvcp140.dll
Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
Source: C:\Windows\explorer.exeSection loaded: twext.dll
Source: C:\Windows\explorer.exeSection loaded: zipfldr.dll
Source: C:\Windows\explorer.exeSection loaded: sendmail.dll
Source: C:\Windows\explorer.exeSection loaded: mydocs.dll
Source: C:\Windows\explorer.exeSection loaded: acppage.dll
Source: C:\Windows\explorer.exeSection loaded: sfc.dll
Source: C:\Windows\explorer.exeSection loaded: msi.dll
Source: C:\Windows\explorer.exeSection loaded: drprov.dll
Source: C:\Windows\explorer.exeSection loaded: ntlanman.dll
Source: C:\Windows\explorer.exeSection loaded: davclnt.dll
Source: C:\Windows\explorer.exeSection loaded: davhlpr.dll
Source: C:\Windows\explorer.exeSection loaded: dlnashext.dll
Source: C:\Windows\explorer.exeSection loaded: playtodevice.dll
Source: C:\Windows\explorer.exeSection loaded: wpdshext.dll
Source: C:\Windows\explorer.exeSection loaded: ehstorapi.dll
Source: C:\Windows\explorer.exeSection loaded: windows.cloudstore.schema.shell.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: linkinfo.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: mf.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: mf.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: mfplat.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: mfcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: rtworkq.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: ksuser.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: mfmp4srcsnk.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: mmdevapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: devobj.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: audioses.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: oleacc.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: resourcepolicyclient.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: evr.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: dxva2.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: avrt.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: d3d9.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: d3d10warp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: dxcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: comppkgsup.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: windows.media.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: windows.applicationmodel.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: msauddecmft.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: mfperfhelper.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: appxdeploymentclient.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: colorcnv.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: msdmo.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: msmpeg2vdec.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: windows.ui.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: windowmanagementapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: inputhost.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exeSection loaded: dcomp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: kbdus.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: sxs.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: kbdus.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dpapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: nlaapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dhcpcsvc6.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: windows.ui.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: windowmanagementapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: inputhost.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: wtsapi32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: mscms.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: coloradapterclient.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: mmdevapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: devobj.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: winsta.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: wkscli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: netapi32.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: dsreg.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: msvcp110_win.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: wpnapps.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: rmclient.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: xmllite.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: taskschd.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: usermgrcli.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: firewallapi.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: fwbase.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeSection loaded: windows.media.dll
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
Source: classification engineClassification label: sus34.rans.spyw.evad.winEXE@118/1236@0/49
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00408DD2 wvsprintfW,GetLastError,FormatMessageW,FormatMessageW,FormatMessageW,lstrlenW,lstrlenW,lstrlenW,??2@YAPAXI@Z,lstrcpyW,lstrcpyW,lstrcpyW,??3@YAXPAX@Z,LocalFree,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C2051B GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C2051B GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_004011FD GetDiskFreeSpaceExW,SendMessageW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_0040388A _wtol,_wtol,SHGetSpecialFolderPathW,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,_wtol,CoCreateInstance,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00401DF5 GetModuleHandleW,FindResourceExA,FindResourceExA,FindResourceExA,SizeofResource,LoadResource,LockResource,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,wsprintfW,LoadLibraryA,GetProcAddress,
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile created: C:\Users\user\AppData\Local\ProgramsJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeMutant created: NULL
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeMutant created: \Sessions\1\BaseNamedObjects\mfx_d3d_mutex
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeMutant created: \Sessions\1\BaseNamedObjects\Global\Opera/Installer/C:/Users/user/AppData/Local/Programs/Opera GX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeMutant created: \Sessions\1\BaseNamedObjects\opera_splash_lock_a7abe095bcfd6dc868442c2e858a30d1
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeMutant created: \Sessions\1\BaseNamedObjects\oauc_registry_mutex
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ChromeProcessSingletonStartup!
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeFile created: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmpJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeReversingLabs: Detection: 36%
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeVirustotal: Detection: 43%
Source: OperaGXSetup.exeString found in binary or memory: opera-startpage-special
Source: OperaGXSetup.exeString found in binary or memory: run-at-startup
Source: OperaGXSetup.exeString found in binary or memory: replace-addons-extensions-with-gx-store-substitutes
Source: OperaGXSetup.exeString found in binary or memory: run-at-startup-default
Source: OperaGXSetup.exeString found in binary or memory: yat-emoji-addresses
Source: OperaGXSetup.exeString found in binary or memory: video-on-start-page
Source: OperaGXSetup.exeString found in binary or memory: installer-bypass-launcher
Source: OperaGXSetup.exeString found in binary or memory: When enabled, https://addons.opera.com/en/extensions/details/dify-cashback/ extension will be added to the user's extensions
Source: OperaGXSetup.exeString found in binary or memory: enable-installer-stats
Source: OperaGXSetup.exeString found in binary or memory: launchopera-on-os-start
Source: OperaGXSetup.exeString found in binary or memory: master-copy-installation
Source: OperaGXSetup.exeString found in binary or memory: show-eula-window-on-start
Source: OperaGXSetup.exeString found in binary or memory: test-pre-installed-extensions-dir
Source: OperaGXSetup.exeString found in binary or memory: override-additional-config-url
Source: OperaGXSetup.exeString found in binary or memory: Local\%ls/Installer/UI_lock
Source: OperaGXSetup.exeString found in binary or memory: OperaInstaller/InstallationInterrupted
Source: OperaGXSetup.exeString found in binary or memory: post-elevated-install-tasks
Source: OperaGXSetup.exeString found in binary or memory: Try '%ls --help' for more information.
Source: OperaGXSetup.exeString found in binary or memory: Try '%ls --help' for more information.
Source: OperaGXSetup.exeString found in binary or memory: all-installer-experiments
Source: OperaGXSetup.exeString found in binary or memory: Global\Opera/Installer/
Source: OperaGXSetup.exeString found in binary or memory: ran-launcher
Source: OperaGXSetup.exeString found in binary or memory: opera-startpage-special
Source: OperaGXSetup.exeString found in binary or memory: run-at-startup
Source: OperaGXSetup.exeString found in binary or memory: replace-addons-extensions-with-gx-store-substitutes
Source: OperaGXSetup.exeString found in binary or memory: run-at-startup-default
Source: OperaGXSetup.exeString found in binary or memory: yat-emoji-addresses
Source: OperaGXSetup.exeString found in binary or memory: video-on-start-page
Source: OperaGXSetup.exeString found in binary or memory: installer-bypass-launcher
Source: OperaGXSetup.exeString found in binary or memory: When enabled, https://addons.opera.com/en/extensions/details/dify-cashback/ extension will be added to the user's extensions
Source: OperaGXSetup.exeString found in binary or memory: enable-installer-stats
Source: OperaGXSetup.exeString found in binary or memory: launchopera-on-os-start
Source: OperaGXSetup.exeString found in binary or memory: master-copy-installation
Source: OperaGXSetup.exeString found in binary or memory: show-eula-window-on-start
Source: OperaGXSetup.exeString found in binary or memory: test-pre-installed-extensions-dir
Source: OperaGXSetup.exeString found in binary or memory: override-additional-config-url
Source: OperaGXSetup.exeString found in binary or memory: Local\%ls/Installer/UI_lock
Source: OperaGXSetup.exeString found in binary or memory: OperaInstaller/InstallationInterrupted
Source: OperaGXSetup.exeString found in binary or memory: post-elevated-install-tasks
Source: OperaGXSetup.exeString found in binary or memory: Try '%ls --help' for more information.
Source: OperaGXSetup.exeString found in binary or memory: Try '%ls --help' for more information.
Source: OperaGXSetup.exeString found in binary or memory: all-installer-experiments
Source: OperaGXSetup.exeString found in binary or memory: Global\Opera/Installer/
Source: OperaGXSetup.exeString found in binary or memory: ran-launcher
Source: OperaGXSetup.exeString found in binary or memory: opera-startpage-special
Source: OperaGXSetup.exeString found in binary or memory: run-at-startup-default
Source: OperaGXSetup.exeString found in binary or memory: run-at-startup
Source: OperaGXSetup.exeString found in binary or memory: replace-addons-extensions-with-gx-store-substitutes
Source: OperaGXSetup.exeString found in binary or memory: yat-emoji-addresses
Source: OperaGXSetup.exeString found in binary or memory: video-on-start-page
Source: OperaGXSetup.exeString found in binary or memory: installer-bypass-launcher
Source: OperaGXSetup.exeString found in binary or memory: When enabled, https://addons.opera.com/en/extensions/details/dify-cashback/ extension will be added to the user's extensions
Source: OperaGXSetup.exeString found in binary or memory: enable-installer-stats
Source: OperaGXSetup.exeString found in binary or memory: master-copy-installation
Source: OperaGXSetup.exeString found in binary or memory: launchopera-on-os-start
Source: OperaGXSetup.exeString found in binary or memory: show-eula-window-on-start
Source: OperaGXSetup.exeString found in binary or memory: Local\%ls/Installer/UI_lock
Source: OperaGXSetup.exeString found in binary or memory: OperaInstaller/InstallationInterrupted
Source: OperaGXSetup.exeString found in binary or memory: test-pre-installed-extensions-dir
Source: OperaGXSetup.exeString found in binary or memory: override-additional-config-url
Source: OperaGXSetup.exeString found in binary or memory: post-elevated-install-tasks
Source: OperaGXSetup.exeString found in binary or memory: Try '%ls --help' for more information.
Source: OperaGXSetup.exeString found in binary or memory: Try '%ls --help' for more information.
Source: OperaGXSetup.exeString found in binary or memory: all-installer-experiments
Source: OperaGXSetup.exeString found in binary or memory: Global\Opera/Installer/
Source: OperaGXSetup.exeString found in binary or memory: ran-launcher
Source: OperaGXSetup.exeString found in binary or memory: opera-startpage-special
Source: OperaGXSetup.exeString found in binary or memory: run-at-startup
Source: OperaGXSetup.exeString found in binary or memory: replace-addons-extensions-with-gx-store-substitutes
Source: OperaGXSetup.exeString found in binary or memory: run-at-startup-default
Source: OperaGXSetup.exeString found in binary or memory: yat-emoji-addresses
Source: OperaGXSetup.exeString found in binary or memory: video-on-start-page
Source: OperaGXSetup.exeString found in binary or memory: installer-bypass-launcher
Source: OperaGXSetup.exeString found in binary or memory: When enabled, https://addons.opera.com/en/extensions/details/dify-cashback/ extension will be added to the user's extensions
Source: OperaGXSetup.exeString found in binary or memory: enable-installer-stats
Source: OperaGXSetup.exeString found in binary or memory: launchopera-on-os-start
Source: OperaGXSetup.exeString found in binary or memory: master-copy-installation
Source: OperaGXSetup.exeString found in binary or memory: show-eula-window-on-start
Source: OperaGXSetup.exeString found in binary or memory: test-pre-installed-extensions-dir
Source: OperaGXSetup.exeString found in binary or memory: override-additional-config-url
Source: OperaGXSetup.exeString found in binary or memory: Local\%ls/Installer/UI_lock
Source: OperaGXSetup.exeString found in binary or memory: OperaInstaller/InstallationInterrupted
Source: OperaGXSetup.exeString found in binary or memory: post-elevated-install-tasks
Source: OperaGXSetup.exeString found in binary or memory: Try '%ls --help' for more information.
Source: OperaGXSetup.exeString found in binary or memory: Try '%ls --help' for more information.
Source: OperaGXSetup.exeString found in binary or memory: all-installer-experiments
Source: OperaGXSetup.exeString found in binary or memory: Global\Opera/Installer/
Source: OperaGXSetup.exeString found in binary or memory: ran-launcher
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/move_file_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/assistant/installer/assistant_installer_main.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/common/association_utils.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/assistant/installer/assistant_installer.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/unpack_archive_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/service/task_scheduler_v2.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/change_reg_value_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../base/process/launch_win.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/copy_file_operation.cc
Source: assistant_installer.exeString found in binary or memory: Try '%ls --help' for more information.
Source: assistant_installer.exeString found in binary or memory: Try '%ls --help' for more information.
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/create_folder_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/assistant/installer/assistant_installer_steps.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/create_reg_key_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/status/json_installation_status_writer.cc
Source: assistant_installer.exeString found in binary or memory: post-elevated-install-tasks
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/delete_file_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/delete_reg_key_operation.cc
Source: assistant_installer.exeString found in binary or memory: Try '%ls --help' for more information.
Source: assistant_installer.exeString found in binary or memory: Try '%ls --help' for more information.
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/move_file_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/assistant/installer/assistant_installer_main.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/common/association_utils.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/assistant/installer/assistant_installer.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/unpack_archive_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/service/task_scheduler_v2.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/change_reg_value_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../base/process/launch_win.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/copy_file_operation.cc
Source: assistant_installer.exeString found in binary or memory: Try '%ls --help' for more information.
Source: assistant_installer.exeString found in binary or memory: Try '%ls --help' for more information.
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/create_folder_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/assistant/installer/assistant_installer_steps.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/create_reg_key_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/status/json_installation_status_writer.cc
Source: assistant_installer.exeString found in binary or memory: post-elevated-install-tasks
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/delete_file_operation.cc
Source: assistant_installer.exeString found in binary or memory: ../../opera/desktop/windows/installer/transactions/delete_reg_key_operation.cc
Source: assistant_installer.exeString found in binary or memory: Try '%ls --help' for more information.
Source: assistant_installer.exeString found in binary or memory: Try '%ls --help' for more information.
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeFile read: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe "C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe"
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeProcess created: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp "C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp" /SL5="$1043A,1055917,832512,C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe"
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe "C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --silent --allusers=0
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x6bb4623c,0x6bb46248,0x6bb46254
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe "C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=1396 --package-dir-prefix="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20240329191858" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=7005000000000000
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x308,0x30c,0x310,0x2d8,0x314,0x6aeb623c,0x6aeb6248,0x6aeb6254
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --version
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0xdb4f48,0xdb4f58,0xdb4f64
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --backend --initial-pid=1396 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --package-dir="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --install-subfolder=107.0.5045.79
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2a4,0x2d4,0x7ff8a8dad180,0x7ff8a8dad18c,0x7ff8a8dad198
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe "C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe" --start-maximized
Source: unknownProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe "C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe" --scheduledautoupdate 0
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exe" --instance-name=a7abe095bcfd6dc868442c2e858a30d1
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x284,0x288,0x28c,0x280,0x290,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exe "C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exe" --version
Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040 --lowered-browser
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1848 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --pipeid=oauc_task_piped42b87436846297e467003cba27fe2f4 --version=107.0.5045.79 --producttype --requesttype=automatic --downloaddir="C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B" --installationdatadir="C:\Users\user\AppData\Local\Programs\Opera GX" --operadir="C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79" --installdir="C:\Users\user\AppData\Local\Programs\Opera GX" --user-data-dir="C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" --nometrics --scheduledtask
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --enable-quic --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=1972 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=2776 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3216 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --type=crashpad-handler "--user-data-dir=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6e85938fc,0x7ff6e8593908,0x7ff6e8593918
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3356 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4364 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4764 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeProcess created: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp "C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp" /SL5="$1043A,1055917,832512,C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe"
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe "C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --silent --allusers=0
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x6bb4623c,0x6bb46248,0x6bb46254
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe "C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=1396 --package-dir-prefix="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20240329191858" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=7005000000000000
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --version
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x308,0x30c,0x310,0x2d8,0x314,0x6aeb623c,0x6aeb6248,0x6aeb6254
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --backend --initial-pid=1396 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --package-dir="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --install-subfolder=107.0.5045.79
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0xdb4f48,0xdb4f58,0xdb4f64
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2a4,0x2d4,0x7ff8a8dad180,0x7ff8a8dad18c,0x7ff8a8dad198
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe "C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe" --start-maximized
Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040 --lowered-browser
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exe" --instance-name=a7abe095bcfd6dc868442c2e858a30d1
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exe "C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exe" --version
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --pipeid=oauc_task_piped42b87436846297e467003cba27fe2f4 --version=107.0.5045.79 --producttype --requesttype=automatic --downloaddir="C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B" --installationdatadir="C:\Users\user\AppData\Local\Programs\Opera GX" --operadir="C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79" --installdir="C:\Users\user\AppData\Local\Programs\Opera GX" --user-data-dir="C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" --nometrics --scheduledtask
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x284,0x288,0x28c,0x280,0x290,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1848 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --enable-quic --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=1972 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=2776 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3216 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3356 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4364 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4764 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --type=crashpad-handler "--user-data-dir=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6e85938fc,0x7ff6e8593908,0x7ff6e8593918
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InProcServer32
Source: Opera GX Browser .lnk.13.drLNK file: ..\..\..\..\Programs\Opera GX\launcher.exe
Source: Opera GX Browser .lnk0.13.drLNK file: ..\..\..\..\Programs\Opera GX\launcher.exe
Source: Opera GX Browser .lnk1.13.drLNK file: ..\..\..\..\Programs\Opera GX\launcher.exe
Source: Opera GX Browser .lnk2.13.drLNK file: ..\..\..\..\Programs\Opera GX\launcher.exe
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile written: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1605735293\persona.ini
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpWindow found: window name: TMainForm
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpAutomated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile opened: C:\Windows\SysWOW64\MSFTEDIT.DLL
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Opera GX 107.0.5045.79
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeStatic PE information: certificate valid
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeStatic file information: File size 2182176 > 1048576
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: Binary string: assistant_installer.exe.pdb source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000A.00000002.2287318786.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000A.00000000.2279825246.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000002.2287730492.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D95000.00000002.00000001.01000000.00000011.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\installer.exe.pdb source: installer.exe, 0000000D.00000000.2625467719.00007FF65F4F1000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000D.00000002.2912907901.00007FF65F4F1000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628685156.00007FF65F4F1000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000002.2927392639.00007FF65F4F1000.00000002.00000001.01000000.00000012.sdmp
Source: Binary string: browser_assistant.exe.pdb source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: &NoreCommonProxyStub.pdb` source: opera.exe, 00000015.00000002.2788182722.0000608400264000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: rpcrt4.pdb source: opera.exe, 00000015.00000002.2790381999.00006084002B8000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera1\chromium\src\out\Release\installer_lib.dll.pdb`, source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp
Source: Binary string: _lib.dll.pdb source: OperaGXSetup.exe, 00000003.00000000.2054100396.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000000.2056341913.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000000.2059162821.0000000000BC7000.00000080.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000000.2062343834.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000007.00000000.2065156473.0000000000387000.00000080.00000001.01000000.00000008.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera1\chromium\src\out\Release\installer.exe.pdbp source: OperaGXSetup.exe, 00000003.00000002.2850171237.0000000000131000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.0000000000131000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.0000000000971000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000131000.00000040.00000001.01000000.00000008.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\opera_gx_splash.exe.pdb source: opera_gx_splash.exe, 00000014.00000002.2851904218.00007FF7F8645000.00000002.00000001.01000000.00000019.sdmp, opera_gx_splash.exe, 00000014.00000000.2730619162.00007FF7F8645000.00000002.00000001.01000000.00000019.sdmp
Source: Binary string: .exe.pdb source: OperaGXSetup.exe, 00000003.00000000.2054100396.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000000.2056341913.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000000.2059162821.0000000000BC7000.00000080.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000000.2062343834.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000007.00000000.2065156473.0000000000387000.00000080.00000001.01000000.00000008.sdmp
Source: Binary string: oreCommonProxyStub.pdb source: opera.exe, 00000015.00000002.2788182722.0000608400264000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: .dll.pdbbC:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\localization.pdb` source: opera.exe, 00000015.00000002.2788927719.000060840027C000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: oreCommonProxyStub.pdb8 source: opera.exe, 00000015.00000002.2788182722.0000608400264000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: elbase.pdb` source: opera.exe, 00000015.00000002.2787646170.0000608400254000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: browser_assistant.exe.pdbe source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: `ser.dll.pdbREG_SZ source: opera.exe, 00000015.00000002.2788927719.000060840027C000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera1\chromium\src\out\Release\installer_lib.dll.pdb source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp
Source: Binary string: 4D0E03503C68E569FAA6DC931.pdb source: opera.exe, 00000015.00000002.2787828487.0000608400258000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: assistant_installer.exe.pdb@ source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000A.00000002.2287318786.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000A.00000000.2279825246.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000002.2287730492.0000000000D95000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D95000.00000002.00000001.01000000.00000011.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\installer_lib.dll.pdb source: installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\opera.exe.pdb source: opera.exe, 00000015.00000000.2733582758.00007FF69A9C0000.00000002.00000001.01000000.0000001B.sdmp, opera.exe, 00000015.00000002.2798211012.00007FF69A9C0000.00000002.00000001.01000000.0000001B.sdmp
Source: Binary string: .exe.pdbp source: OperaGXSetup.exe, 00000003.00000000.2054100396.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000000.2056341913.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000000.2059162821.0000000000BC7000.00000080.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000000.2062343834.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000007.00000000.2065156473.0000000000387000.00000080.00000001.01000000.00000008.sdmp
Source: Binary string: _lib.dll.pdb`, source: OperaGXSetup.exe, 00000003.00000000.2054100396.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000000.2056341913.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000000.2059162821.0000000000BC7000.00000080.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000000.2062343834.0000000000387000.00000080.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000007.00000000.2065156473.0000000000387000.00000080.00000001.01000000.00000008.sdmp
Source: Binary string: mojo_core.dll.pdb source: Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000036E9000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278658254.0000000003D80000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: ntdll.pdb source: opera.exe, 00000015.00000002.2790381999.00006084002B8000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera1\chromium\src\out\Release\installer.exe.pdb source: OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.0000000000131000.00000040.00000001.01000000.00000008.sdmp
Source: Binary string: c:\srv\slave\workdir\repos\opera\chromium\src\out\Release\launcher.exe.pdb source: installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, launcher.exe, 00000012.00000000.2711688977.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000012.00000002.2770887188.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000013.00000000.2728056334.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp
Source: Binary string: a_browser.dll.pdb` source: opera.exe, 00000015.00000002.2787828487.0000608400258000.00000004.00001000.00020000.00000000.sdmp
Source: Binary string: win32u.pdb source: opera.exe, 00000015.00000002.2790381999.00006084002B8000.00000004.00001000.00020000.00000000.sdmp
Source: dxil.dll.6.drStatic PE information: 0x7DBE8527 [Fri Nov 7 02:32:07 2036 UTC]
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_0040239B LoadLibraryA,GetProcAddress,GetNativeSystemInfo,
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp.0.drStatic PE information: real checksum: 0x0 should be: 0x311faa
Source: OperaGXSetup.exe.3.drStatic PE information: real checksum: 0x36e0d3 should be: 0x36f94c
Source: OperaLib.dll.1.drStatic PE information: real checksum: 0x0 should be: 0x7f775
Source: is-T2PA3.tmp.1.drStatic PE information: real checksum: 0x36e0d3 should be: 0x36f94c
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeStatic PE information: section name: .didata
Source: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp.0.drStatic PE information: section name: .didata
Source: Opera_installer_2403291818577271396.dll.3.drStatic PE information: section name: .00cfg
Source: Opera_installer_2403291818577271396.dll.3.drStatic PE information: section name: .rodata
Source: Opera_installer_2403291818577271396.dll.3.drStatic PE information: section name: CPADinfo
Source: Opera_installer_2403291818577271396.dll.3.drStatic PE information: section name: malloc_h
Source: Opera_installer_2403291818579403276.dll.4.drStatic PE information: section name: .00cfg
Source: Opera_installer_2403291818579403276.dll.4.drStatic PE information: section name: .rodata
Source: Opera_installer_2403291818579403276.dll.4.drStatic PE information: section name: CPADinfo
Source: Opera_installer_2403291818579403276.dll.4.drStatic PE information: section name: malloc_h
Source: Opera_installer_2403291818582525068.dll.5.drStatic PE information: section name: .00cfg
Source: Opera_installer_2403291818582525068.dll.5.drStatic PE information: section name: .rodata
Source: Opera_installer_2403291818582525068.dll.5.drStatic PE information: section name: CPADinfo
Source: Opera_installer_2403291818582525068.dll.5.drStatic PE information: section name: malloc_h
Source: vk_swiftshader.dll.6.drStatic PE information: section name: .00cfg
Source: vk_swiftshader.dll.6.drStatic PE information: section name: .gxfg
Source: vk_swiftshader.dll.6.drStatic PE information: section name: .retplne
Source: vk_swiftshader.dll.6.drStatic PE information: section name: _RDATA
Source: vulkan-1.dll.6.drStatic PE information: section name: .00cfg
Source: vulkan-1.dll.6.drStatic PE information: section name: .gxfg
Source: vulkan-1.dll.6.drStatic PE information: section name: .retplne
Source: vulkan-1.dll.6.drStatic PE information: section name: _RDATA
Source: win10_share_handler.dll.6.drStatic PE information: section name: .00cfg
Source: win10_share_handler.dll.6.drStatic PE information: section name: .gxfg
Source: win10_share_handler.dll.6.drStatic PE information: section name: .retplne
Source: win10_share_handler.dll.6.drStatic PE information: section name: _RDATA
Source: win8_importing.dll.6.drStatic PE information: section name: .00cfg
Source: win8_importing.dll.6.drStatic PE information: section name: .gxfg
Source: win8_importing.dll.6.drStatic PE information: section name: .retplne
Source: win8_importing.dll.6.drStatic PE information: section name: _RDATA
Source: Opera_installer_240329181858612652.dll.6.drStatic PE information: section name: .00cfg
Source: Opera_installer_240329181858612652.dll.6.drStatic PE information: section name: .rodata
Source: Opera_installer_240329181858612652.dll.6.drStatic PE information: section name: CPADinfo
Source: Opera_installer_240329181858612652.dll.6.drStatic PE information: section name: malloc_h
Source: mojo_core.dll.6.drStatic PE information: section name: .00cfg
Source: mojo_core.dll.6.drStatic PE information: section name: .gxfg
Source: mojo_core.dll.6.drStatic PE information: section name: .retplne
Source: mojo_core.dll.6.drStatic PE information: section name: _RDATA
Source: notification_helper.exe.6.drStatic PE information: section name: .00cfg
Source: notification_helper.exe.6.drStatic PE information: section name: .gxfg
Source: notification_helper.exe.6.drStatic PE information: section name: .retplne
Source: notification_helper.exe.6.drStatic PE information: section name: CPADinfo
Source: notification_helper.exe.6.drStatic PE information: section name: _RDATA
Source: opera.exe.6.drStatic PE information: section name: .00cfg
Source: opera.exe.6.drStatic PE information: section name: .gxfg
Source: opera.exe.6.drStatic PE information: section name: .retplne
Source: opera.exe.6.drStatic PE information: section name: _RDATA
Source: opera_autoupdate.exe.6.drStatic PE information: section name: .00cfg
Source: opera_autoupdate.exe.6.drStatic PE information: section name: .gxfg
Source: opera_autoupdate.exe.6.drStatic PE information: section name: .retplne
Source: opera_autoupdate.exe.6.drStatic PE information: section name: CPADinfo
Source: opera_autoupdate.exe.6.drStatic PE information: section name: LZMADEC
Source: opera_autoupdate.exe.6.drStatic PE information: section name: _RDATA
Source: opera_autoupdate.exe.6.drStatic PE information: section name: malloc_h
Source: opera_browser.dll.6.drStatic PE information: section name: .00cfg
Source: opera_browser.dll.6.drStatic PE information: section name: .gxfg
Source: opera_browser.dll.6.drStatic PE information: section name: .retplne
Source: opera_browser.dll.6.drStatic PE information: section name: .rodata
Source: opera_browser.dll.6.drStatic PE information: section name: CPADinfo
Source: opera_browser.dll.6.drStatic PE information: section name: LZMADEC
Source: opera_browser.dll.6.drStatic PE information: section name: _RDATA
Source: opera_browser.dll.6.drStatic PE information: section name: malloc_h
Source: opera_crashreporter.exe.6.drStatic PE information: section name: .00cfg
Source: opera_crashreporter.exe.6.drStatic PE information: section name: .gxfg
Source: opera_crashreporter.exe.6.drStatic PE information: section name: .retplne
Source: opera_crashreporter.exe.6.drStatic PE information: section name: CPADinfo
Source: opera_crashreporter.exe.6.drStatic PE information: section name: _RDATA
Source: opera_crashreporter.exe.6.drStatic PE information: section name: malloc_h
Source: opera_elf.dll.6.drStatic PE information: section name: .00cfg
Source: opera_elf.dll.6.drStatic PE information: section name: .gxfg
Source: opera_elf.dll.6.drStatic PE information: section name: .retplne
Source: opera_elf.dll.6.drStatic PE information: section name: _RDATA
Source: opera_gx_splash.exe.6.drStatic PE information: section name: .00cfg
Source: opera_gx_splash.exe.6.drStatic PE information: section name: .gxfg
Source: opera_gx_splash.exe.6.drStatic PE information: section name: .retplne
Source: opera_gx_splash.exe.6.drStatic PE information: section name: _RDATA
Source: CUESDK.x64_2017.dll.6.drStatic PE information: section name: .00cfg
Source: dxcompiler.dll.6.drStatic PE information: section name: .00cfg
Source: dxcompiler.dll.6.drStatic PE information: section name: .gxfg
Source: dxcompiler.dll.6.drStatic PE information: section name: .retplne
Source: dxcompiler.dll.6.drStatic PE information: section name: _RDATA
Source: dxil.dll.6.drStatic PE information: section name: _RDATA
Source: installer.exe.6.drStatic PE information: section name: .00cfg
Source: installer.exe.6.drStatic PE information: section name: .gxfg
Source: installer.exe.6.drStatic PE information: section name: .retplne
Source: installer.exe.6.drStatic PE information: section name: _RDATA
Source: installer_helper_64.exe.6.drStatic PE information: section name: .00cfg
Source: installer_helper_64.exe.6.drStatic PE information: section name: .gxfg
Source: installer_helper_64.exe.6.drStatic PE information: section name: .retplne
Source: installer_helper_64.exe.6.drStatic PE information: section name: _RDATA
Source: launcher.exe.6.drStatic PE information: section name: .00cfg
Source: launcher.exe.6.drStatic PE information: section name: .gxfg
Source: launcher.exe.6.drStatic PE information: section name: .retplne
Source: launcher.exe.6.drStatic PE information: section name: LZMADEC
Source: launcher.exe.6.drStatic PE information: section name: _RDATA
Source: launcher.exe.6.drStatic PE information: section name: malloc_h
Source: libEGL.dll.6.drStatic PE information: section name: .00cfg
Source: libEGL.dll.6.drStatic PE information: section name: .gxfg
Source: libEGL.dll.6.drStatic PE information: section name: .retplne
Source: libEGL.dll.6.drStatic PE information: section name: _RDATA
Source: libGLESv2.dll.6.drStatic PE information: section name: .00cfg
Source: libGLESv2.dll.6.drStatic PE information: section name: .gxfg
Source: libGLESv2.dll.6.drStatic PE information: section name: .retplne
Source: libGLESv2.dll.6.drStatic PE information: section name: _RDATA
Source: Opera_installer_2403291818588244612.dll.7.drStatic PE information: section name: .00cfg
Source: Opera_installer_2403291818588244612.dll.7.drStatic PE information: section name: .rodata
Source: Opera_installer_2403291818588244612.dll.7.drStatic PE information: section name: CPADinfo
Source: Opera_installer_2403291818588244612.dll.7.drStatic PE information: section name: malloc_h
Source: assistant_installer.exe.9.drStatic PE information: section name: .00cfg
Source: assistant_installer.exe.9.drStatic PE information: section name: .voltbl
Source: assistant_installer.exe.9.drStatic PE information: section name: CPADinfo
Source: browser_assistant.exe.9.drStatic PE information: section name: .00cfg
Source: browser_assistant.exe.9.drStatic PE information: section name: .rodata
Source: browser_assistant.exe.9.drStatic PE information: section name: .voltbl
Source: browser_assistant.exe.9.drStatic PE information: section name: CPADinfo
Source: mojo_core.dll.9.drStatic PE information: section name: .00cfg
Source: mojo_core.dll.9.drStatic PE information: section name: .voltbl
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: section name: .00cfg
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: section name: .gxfg
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: section name: .retplne
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: section name: .rodata
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: section name: CPADinfo
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: section name: LZMADEC
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: section name: _RDATA
Source: Opera_installer_2403291819548603504.dll.13.drStatic PE information: section name: malloc_h
Source: opera.exe.13.drStatic PE information: section name: .00cfg
Source: opera.exe.13.drStatic PE information: section name: .gxfg
Source: opera.exe.13.drStatic PE information: section name: .retplne
Source: opera.exe.13.drStatic PE information: section name: _RDATA
Source: launcher.exe.13.drStatic PE information: section name: .00cfg
Source: launcher.exe.13.drStatic PE information: section name: .gxfg
Source: launcher.exe.13.drStatic PE information: section name: .retplne
Source: launcher.exe.13.drStatic PE information: section name: LZMADEC
Source: launcher.exe.13.drStatic PE information: section name: _RDATA
Source: launcher.exe.13.drStatic PE information: section name: malloc_h
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: section name: .00cfg
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: section name: .gxfg
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: section name: .retplne
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: section name: .rodata
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: section name: CPADinfo
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: section name: LZMADEC
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: section name: _RDATA
Source: Opera_installer_2403291819551826188.dll.14.drStatic PE information: section name: malloc_h
Source: installer.exe.19.drStatic PE information: section name: .00cfg
Source: installer.exe.19.drStatic PE information: section name: .gxfg
Source: installer.exe.19.drStatic PE information: section name: .retplne
Source: installer.exe.19.drStatic PE information: section name: _RDATA
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: section name: .00cfg
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: section name: .gxfg
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: section name: .retplne
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: section name: .rodata
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: section name: CPADinfo
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: section name: LZMADEC
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: section name: _RDATA
Source: Opera_installer_2403291820085812316.dll.23.drStatic PE information: section name: malloc_h
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00412C00 push eax; ret
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CACE90 push 89084589h; iretd
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D3B10C push ecx; ret
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CACE90 push 89084589h; iretd
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D3B10C push ecx; ret
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\win8_importing.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera.exe
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\assistant_packageJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\browser_assistant.exe
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeFile created: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291820085812316.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaLib.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\d3dcompiler_47.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe (copy)
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_browser.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291818579403276.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\_isetup\_setup64.tmp
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\additional_file0.tmp
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer_helper_64.exe
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\launcher.exe.1711736396.old (copy)
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\opera_package
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291818588244612.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\Opera_installer_240329181858612652.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\Opera_GX_assistant_73.0.3856.382_Setup[1].exeJump to dropped file
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile created: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291819551826188.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\is-T2PA3.tmp
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe (copy)
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxil.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_elf.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\libGLESv2.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\Opera_GX_107.0.5045.79_Autoupdate_x64[1].exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exe
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exe
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291818582525068.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\notification_helper.exe
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\CUESDK.x64_2017.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\launcher.exe
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\mojo_core.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxcompiler.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\libEGL.dll
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile created: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291819548603504.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\vulkan-1.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeFile created: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\vk_swiftshader.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\mojo_core.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291818577271396.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\win10_share_handler.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\opera_package
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\assistant_packageJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer\opera_installer_20240329191858040.logJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer\opera_installer_20240329191858956.logJump to behavior
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeFile created: C:\Users\user\AppData\Local\Temp\assistant_installer_20240329191920.logJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer\opera_installer_20240329191955376.logJump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpFile created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\license.txtJump to behavior
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\aria.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\background_worker.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\command_line.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\prompt.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile created: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\webpage_content_reporter.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdate
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdate
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeRegistry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 BlobJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C6A6D0 rdtsc
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeThread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291819551826188.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxil.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\libGLESv2.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_elf.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\win8_importing.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\Opera_GX_107.0.5045.79_Autoupdate_x64[1].exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\assistant_packageJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\browser_assistant.exe
Source: C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291820085812316.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291818582525068.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\notification_helper.exe
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaLib.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\mojo_core.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\d3dcompiler_47.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291819548603504.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxcompiler.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\libEGL.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_browser.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291818579403276.dll
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\_isetup\_setup64.tmp
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\vulkan-1.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer_helper_64.exe
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\opera_package
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\mojo_core.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\vk_swiftshader.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291818577271396.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Opera_installer_2403291818588244612.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\win10_share_handler.dll
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Opera_installer_240329181858612652.dll
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeEvaded block: after key decision
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeAPI coverage: 5.8 %
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeAPI coverage: 5.2 %
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp TID: 5784Thread sleep time: -60000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp TID: 5784Thread sleep time: -30000s >= -30000s
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe TID: 6628Thread sleep time: -922337203685477s >= -30000s
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BaseBoard
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile Volume queried: C:\Users\user\Desktop FullSizeInformation
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeFile Volume queried: C:\Users\user\Desktop FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile Volume queried: C:\Users\user\Desktop FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Code Cache\js FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Code Cache\wasm FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\blob_storage\1e19d893-ff31-4664-bfc4-34501f4bb978 FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\System Cache\Cache_Data FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile Volume queried: C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data FullSizeInformation
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_004033B3 GetFileAttributesW,SetLastError,FindFirstFileW,FindClose,CompareFileTime,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00402F12 FindFirstFileW,SetFileAttributesW,lstrcmpW,lstrcmpW,SetFileAttributesW,DeleteFileW,FindNextFileW,FindClose,SetFileAttributesW,RemoveDirectoryW,??3@YAXPAX@Z,??3@YAXPAX@Z,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C69120 PathMatchSpecW,FindNextFileW,FindClose,FindFirstFileExW,GetLastError,GetFileAttributesW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CF9AE2 FindFirstFileExW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C69120 PathMatchSpecW,FindNextFileW,FindClose,FindFirstFileExW,GetLastError,GetFileAttributesW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CF9AE2 FindFirstFileExW,
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeThread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData\Local\Temp
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData\Local\Temp\.opera
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeFile opened: C:\Users\user\AppData\Local
Source: explorer.exe, 00000011.00000000.2704927087.00000000076F8000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}99105f770555d7dd
Source: explorer.exe, 00000011.00000000.2707241317.0000000009AF9000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0r
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: NXTcaVMWare
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000%
Source: explorer.exe, 00000011.00000000.2702026651.0000000003530000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware, Inc.
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware SATA CD00
Source: explorer.exe, 00000011.00000000.2702026651.0000000003530000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware-42 27 d9 2e dc 89 72 dX
Source: explorer.exe, 00000011.00000000.2700552070.0000000000F13000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000A
Source: explorer.exe, 00000011.00000000.2704927087.00000000076F8000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}^
Source: explorer.exe, 00000011.00000000.2719335016.000000000C908000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: War&Prod_VMware_SATAW
Source: OperaGXSetup.exe, 00000003.00000002.2868119126.0000000000C62000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2071672649.0000000000C62000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843688988.0000000000C62000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2707241317.0000000009B2C000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: explorer.exe, 00000011.00000000.2702026651.0000000003530000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware, Inc.NoneVMware-42 27 d9 2e dc 89 72 dX
Source: explorer.exe, 00000011.00000000.2702026651.0000000003530000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware,p
Source: OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000BD8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B0B000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Prod_VMware_SATAa
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000_
Source: explorer.exe, 00000011.00000000.2700552070.0000000000F13000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000011.00000000.2704927087.000000000769A000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess information queried: ProcessInformation
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C6A6D0 rdtsc
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C66AE0 GetCurrentThread,IsDebuggerPresent,GetCurrentThreadId,__Init_thread_header,GetModuleHandleW,GetProcAddress,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_0040239B LoadLibraryA,GetProcAddress,GetNativeSystemInfo,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D597FB mov eax, dword ptr fs:[00000030h]
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D47C65 mov eax, dword ptr fs:[00000030h]
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D597FB mov eax, dword ptr fs:[00000030h]
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D47C65 mov eax, dword ptr fs:[00000030h]
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C7AD1E GetCurrentProcessId,CreateEventW,CreateEventW,CreateEventW,CreateEventW,SetUnhandledExceptionFilter,CreateThread,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CC206C SetUnhandledExceptionFilter,SetConsoleCtrlHandler,_strlen,_strlen,_strlen,_strlen,_strlen,SetUnhandledExceptionFilter,_strlen,_strlen,SetProcessShutdownParameters,__Init_thread_header,_strlen,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C7C3B6 GetCurrentProcessId,SetUnhandledExceptionFilter,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D3A428 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C7ACEE GetCurrentProcessId,CreateEventW,CreateEventW,CreateEventW,CreateEventW,SetUnhandledExceptionFilter,CreateThread,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C11C00 SetUnhandledExceptionFilter,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D4BE76 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00CC206C SetUnhandledExceptionFilter,SetConsoleCtrlHandler,_strlen,_strlen,_strlen,_strlen,_strlen,SetUnhandledExceptionFilter,_strlen,_strlen,SetProcessShutdownParameters,__Init_thread_header,_strlen,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C7C3B6 GetCurrentProcessId,SetUnhandledExceptionFilter,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D3A428 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C7AD1E GetCurrentProcessId,CreateEventW,CreateEventW,CreateEventW,CreateEventW,SetUnhandledExceptionFilter,CreateThread,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00C11C00 SetUnhandledExceptionFilter,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 11_2_00D4BE76 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

HIPS / PFW / Operating System Protection Evasion

barindex
Found direct / indirect Syscall (likely to bypass EDR)
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtQueryAttributesFile: Direct from: 0x76EF2E6C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtCreateMutant: Direct from: 0x76EF35CC
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtQueryVolumeInformationFile: Direct from: 0x76EF2F2C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtMapViewOfSection: Direct from: 0x76EF2D1C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtOpenSection: Direct from: 0x76EF2E0C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtDeviceIoControlFile: Direct from: 0x76EF2AEC
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtAllocateVirtualMemory: Direct from: 0x76EF2BFC
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtAddAtomEx: Direct from: 0x76EF312C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtQueryValueKey: Direct from: 0x76EF2BEC
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtSetInformationThread: Direct from: 0x76EF2ECC
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtCreateFile: Direct from: 0x76EF2FEC
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtOpenFile: Direct from: 0x76EF2DCC
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtQueryInformationProcess: Direct from: 0x76EF2C26
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtOpenKeyEx: Direct from: 0x76EF3C9C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtOpenKeyEx: Direct from: 0x76EF2B9C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtClose: Direct from: 0x76EF2B6C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtSetInformationProcess: Direct from: 0x76EF2C5C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtReadVirtualMemory: Direct from: 0x76EF2E8C
Source: C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exeNtProtectVirtualMemory: Direct from: 0x76EF2F9C
Source: C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmpProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe "C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --silent --allusers=0
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x6bb4623c,0x6bb46248,0x6bb46254
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe "C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=1396 --package-dir-prefix="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20240329191858" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=7005000000000000
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --version
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x308,0x30c,0x310,0x2d8,0x314,0x6aeb623c,0x6aeb6248,0x6aeb6254
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe "C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0xdb4f48,0xdb4f58,0xdb4f64
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2a4,0x2d4,0x7ff8a8dad180,0x7ff8a8dad18c,0x7ff8a8dad198
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x284,0x288,0x28c,0x280,0x290,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1848 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --enable-quic --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=1972 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=2776 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3216 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3356 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4364 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4764 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: unknown unknown
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --type=crashpad-handler "--user-data-dir=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6e85938fc,0x7ff6e8593908,0x7ff6e8593918
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe c:\users\user\appdata\local\temp\is-nm93k.tmp\operagxsetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win32 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x6bb4623c,0x6bb46248,0x6bb46254
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe "c:\users\user\appdata\local\temp\is-nm93k.tmp\operagxsetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="c:\users\user\appdata\local\programs\opera gx" --profile-folder --language=en-gb --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=1396 --package-dir-prefix="c:\users\user\appdata\local\temp\.opera\opera gx installer temp\opera_package_20240329191858" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=ngfjmjbjzgm2ote2n2rinmjlyjjmy2m2ytbmzddmmdy4zje3n2y3owfjnmexn2rhotu2nguynwuyotfkyjhlnjp7imnvdw50cnkioijvuyisimvkaxrpb24ioijzdgqtmsisimluc3rhbgxlcl9uyw1lijoit3blcmfhwfnldhvwlmv4zsisinbyb2r1y3qionsibmftzsi6im9wzxjhx2d4in0sinf1zxj5ijoil29wzxjhx2d4l3n0ywjszs9lzgl0aw9ul3n0zc0xp3v0bv9zb3vyy2u9ufdoz2ftzxmmdxrtx21lzgl1bt1wysz1dg1fy2ftcgfpz249ufdox1vtx1bcnf8znzqyjnv0bv9pzd04mdvjotq2zwm3yzu0njgwyjm3zju4mmq1ogrlmtgzmcz1dg1fy29udgvudd0znzqyx3nldhvwaw8ilcjzexn0zw0ionsicgxhdgzvcm0ionsiyxjjaci6ing4nl82ncisim9wc3lzijoiv2luzg93cyisim9wc3lzlxzlcnnpb24ioiixmcisinbhy2thz2uioijfweuifx0sinrpbwvzdgftcci6ije3mte3mzyzmzyuntm0ncisinvzzxjhz2vudci6iklubm8gu2v0dxagni4yljiilcj1dg0ionsiy2ftcgfpz24ioijqv05fvvnfuei0xzm3ndiilcjjb250zw50ijoimzc0ml9zzxr1cglviiwiawqioii4mdvjotq2zwm3yzu0njgwyjm3zju4mmq1ogrlmtgzmcisim1lzgl1bsi6inbhiiwic291cmnlijoiufdoz2ftzxmifswidxvpzci6imfin2e4mguwlwy1mjitndzjmy1iyzdllwqxnzkzyjiwndhlmij9 --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=7005000000000000
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe c:\users\user\appdata\local\temp\is-nm93k.tmp\operagxsetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win32 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x308,0x30c,0x310,0x2d8,0x314,0x6aeb623c,0x6aeb6248,0x6aeb6254
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe "c:\users\user\appdata\local\temp\.opera\opera gx installer temp\opera_package_202403291918581\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win32 --annotation=prod=operadesktopgx --annotation=ver=73.0.3856.382 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0xdb4f48,0xdb4f58,0xdb4f64
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\installer.exe" --backend --initial-pid=1396 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="c:\users\user\appdata\local\programs\opera gx" --profile-folder --language=en-gb --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --package-dir="c:\users\user\appdata\local\temp\.opera\opera gx installer temp\opera_package_202403291918581" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=ngfjmjbjzgm2ote2n2rinmjlyjjmy2m2ytbmzddmmdy4zje3n2y3owfjnmexn2rhotu2nguynwuyotfkyjhlnjp7imnvdw50cnkioijvuyisimvkaxrpb24ioijzdgqtmsisimluc3rhbgxlcl9uyw1lijoit3blcmfhwfnldhvwlmv4zsisinbyb2r1y3qionsibmftzsi6im9wzxjhx2d4in0sinf1zxj5ijoil29wzxjhx2d4l3n0ywjszs9lzgl0aw9ul3n0zc0xp3v0bv9zb3vyy2u9ufdoz2ftzxmmdxrtx21lzgl1bt1wysz1dg1fy2ftcgfpz249ufdox1vtx1bcnf8znzqyjnv0bv9pzd04mdvjotq2zwm3yzu0njgwyjm3zju4mmq1ogrlmtgzmcz1dg1fy29udgvudd0znzqyx3nldhvwaw8ilcjzexn0zw0ionsicgxhdgzvcm0ionsiyxjjaci6ing4nl82ncisim9wc3lzijoiv2luzg93cyisim9wc3lzlxzlcnnpb24ioiixmcisinbhy2thz2uioijfweuifx0sinrpbwvzdgftcci6ije3mte3mzyzmzyuntm0ncisinvzzxjhz2vudci6iklubm8gu2v0dxagni4yljiilcj1dg0ionsiy2ftcgfpz24ioijqv05fvvnfuei0xzm3ndiilcjjb250zw50ijoimzc0ml9zzxr1cglviiwiawqioii4mdvjotq2zwm3yzu0njgwyjm3zju4mmq1ogrlmtgzmcisim1lzgl1bsi6inbhiiwic291cmnlijoiufdoz2ftzxmifswidxvpzci6imfin2e4mguwlwy1mjitndzjmy1iyzdllwqxnzkzyjiwndhlmij9 --silent --desktopshortcut=1 --install-subfolder=107.0.5045.79
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win64 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2a4,0x2d4,0x7ff8a8dad180,0x7ff8a8dad18c,0x7ff8a8dad198
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win64 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x284,0x288,0x28c,0x280,0x290,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win64 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --ab_tests=gxctest50-test:dna-99214_gxctest50 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1848 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\opera_autoupdate.exe" --pipeid=oauc_task_piped42b87436846297e467003cba27fe2f4 --version=107.0.5045.79 --producttype --requesttype=automatic --downloaddir="c:\users\user\appdata\local\temp\.opera\0ea40e5ab06b" --installationdatadir="c:\users\user\appdata\local\programs\opera gx" --operadir="c:\users\user\appdata\local\programs\opera gx\107.0.5045.79" --installdir="c:\users\user\appdata\local\programs\opera gx" --user-data-dir="c:\users\user\appdata\roaming\opera software\opera gx stable" --nometrics --scheduledtask
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --enable-quic --no-appcompat-clear --start-stack-profiler --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=1972 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=2776 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.datadecoderservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=3216 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\opera_autoupdate.exe" --type=crashpad-handler "--user-data-dir=c:\users\user\appdata\roaming\opera software\opera gx stable" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win64 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6e85938fc,0x7ff6e8593908,0x7ff6e8593918
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.datadecoderservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=3356 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.datadecoderservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=4364 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.datadecoderservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=4764 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe c:\users\user\appdata\local\temp\is-nm93k.tmp\operagxsetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win32 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x6bb4623c,0x6bb46248,0x6bb46254
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe "c:\users\user\appdata\local\temp\is-nm93k.tmp\operagxsetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="c:\users\user\appdata\local\programs\opera gx" --profile-folder --language=en-gb --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=1396 --package-dir-prefix="c:\users\user\appdata\local\temp\.opera\opera gx installer temp\opera_package_20240329191858" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=ngfjmjbjzgm2ote2n2rinmjlyjjmy2m2ytbmzddmmdy4zje3n2y3owfjnmexn2rhotu2nguynwuyotfkyjhlnjp7imnvdw50cnkioijvuyisimvkaxrpb24ioijzdgqtmsisimluc3rhbgxlcl9uyw1lijoit3blcmfhwfnldhvwlmv4zsisinbyb2r1y3qionsibmftzsi6im9wzxjhx2d4in0sinf1zxj5ijoil29wzxjhx2d4l3n0ywjszs9lzgl0aw9ul3n0zc0xp3v0bv9zb3vyy2u9ufdoz2ftzxmmdxrtx21lzgl1bt1wysz1dg1fy2ftcgfpz249ufdox1vtx1bcnf8znzqyjnv0bv9pzd04mdvjotq2zwm3yzu0njgwyjm3zju4mmq1ogrlmtgzmcz1dg1fy29udgvudd0znzqyx3nldhvwaw8ilcjzexn0zw0ionsicgxhdgzvcm0ionsiyxjjaci6ing4nl82ncisim9wc3lzijoiv2luzg93cyisim9wc3lzlxzlcnnpb24ioiixmcisinbhy2thz2uioijfweuifx0sinrpbwvzdgftcci6ije3mte3mzyzmzyuntm0ncisinvzzxjhz2vudci6iklubm8gu2v0dxagni4yljiilcj1dg0ionsiy2ftcgfpz24ioijqv05fvvnfuei0xzm3ndiilcjjb250zw50ijoimzc0ml9zzxr1cglviiwiawqioii4mdvjotq2zwm3yzu0njgwyjm3zju4mmq1ogrlmtgzmcisim1lzgl1bsi6inbhiiwic291cmnlijoiufdoz2ftzxmifswidxvpzci6imfin2e4mguwlwy1mjitndzjmy1iyzdllwqxnzkzyjiwndhlmij9 --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=7005000000000000
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe c:\users\user\appdata\local\temp\is-nm93k.tmp\operagxsetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win32 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x308,0x30c,0x310,0x2d8,0x314,0x6aeb623c,0x6aeb6248,0x6aeb6254
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\installer.exe" --backend --initial-pid=1396 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="c:\users\user\appdata\local\programs\opera gx" --profile-folder --language=en-gb --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --package-dir="c:\users\user\appdata\local\temp\.opera\opera gx installer temp\opera_package_202403291918581" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=ngfjmjbjzgm2ote2n2rinmjlyjjmy2m2ytbmzddmmdy4zje3n2y3owfjnmexn2rhotu2nguynwuyotfkyjhlnjp7imnvdw50cnkioijvuyisimvkaxrpb24ioijzdgqtmsisimluc3rhbgxlcl9uyw1lijoit3blcmfhwfnldhvwlmv4zsisinbyb2r1y3qionsibmftzsi6im9wzxjhx2d4in0sinf1zxj5ijoil29wzxjhx2d4l3n0ywjszs9lzgl0aw9ul3n0zc0xp3v0bv9zb3vyy2u9ufdoz2ftzxmmdxrtx21lzgl1bt1wysz1dg1fy2ftcgfpz249ufdox1vtx1bcnf8znzqyjnv0bv9pzd04mdvjotq2zwm3yzu0njgwyjm3zju4mmq1ogrlmtgzmcz1dg1fy29udgvudd0znzqyx3nldhvwaw8ilcjzexn0zw0ionsicgxhdgzvcm0ionsiyxjjaci6ing4nl82ncisim9wc3lzijoiv2luzg93cyisim9wc3lzlxzlcnnpb24ioiixmcisinbhy2thz2uioijfweuifx0sinrpbwvzdgftcci6ije3mte3mzyzmzyuntm0ncisinvzzxjhz2vudci6iklubm8gu2v0dxagni4yljiilcj1dg0ionsiy2ftcgfpz24ioijqv05fvvnfuei0xzm3ndiilcjjb250zw50ijoimzc0ml9zzxr1cglviiwiawqioii4mdvjotq2zwm3yzu0njgwyjm3zju4mmq1ogrlmtgzmcisim1lzgl1bsi6inbhiiwic291cmnlijoiufdoz2ftzxmifswidxvpzci6imfin2e4mguwlwy1mjitndzjmy1iyzdllwqxnzkzyjiwndhlmij9 --silent --desktopshortcut=1 --install-subfolder=107.0.5045.79
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeProcess created: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe "c:\users\user\appdata\local\temp\.opera\opera gx installer temp\opera_package_202403291918581\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win32 --annotation=prod=operadesktopgx --annotation=ver=73.0.3856.382 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0xdb4f48,0xdb4f58,0xdb4f64
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win64 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2a4,0x2d4,0x7ff8a8dad180,0x7ff8a8dad18c,0x7ff8a8dad198
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\opera_autoupdate.exe" --pipeid=oauc_task_piped42b87436846297e467003cba27fe2f4 --version=107.0.5045.79 --producttype --requesttype=automatic --downloaddir="c:\users\user\appdata\local\temp\.opera\0ea40e5ab06b" --installationdatadir="c:\users\user\appdata\local\programs\opera gx" --operadir="c:\users\user\appdata\local\programs\opera gx\107.0.5045.79" --installdir="c:\users\user\appdata\local\programs\opera gx" --user-data-dir="c:\users\user\appdata\roaming\opera software\opera gx stable" --nometrics --scheduledtask
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win64 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x284,0x288,0x28c,0x280,0x290,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win64 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --ab_tests=gxctest50-test:dna-99214_gxctest50 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1848 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --enable-quic --no-appcompat-clear --start-stack-profiler --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=1972 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=2776 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.datadecoderservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=3216 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.datadecoderservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=3356 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.datadecoderservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=4364 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe "c:\users\user\appdata\local\programs\opera gx\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.datadecoderservice --lang=en-gb --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=gxctest50-test:dna-99214_gxctest50 --mojo-platform-channel-handle=4764 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeProcess created: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe "c:\users\user\appdata\local\programs\opera gx\107.0.5045.79\opera_autoupdate.exe" --type=crashpad-handler "--user-data-dir=c:\users\user\appdata\roaming\opera software\opera gx stable" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=c:\users\user\appdata\roaming\opera software\opera gx stable\crash reports" "--crash-count-file=c:\users\user\appdata\roaming\opera software\opera gx stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=stable --annotation=plat=win64 --annotation=prod=operadesktopgx --annotation=ver=107.0.5045.79 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6e85938fc,0x7ff6e8593908,0x7ff6e8593918
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_0040247A AllocateAndInitializeSid,CheckTokenMembership,FreeSid,
Source: installer.exe, 0000000D.00000003.2638115252.000001D8873D1000.00000004.00000020.00020000.00000000.sdmp, launcher.exe, 00000012.00000000.2711688977.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmp, launcher.exe, 00000012.00000002.2770887188.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: ..\..\opera\desktop\chrome_imports\chrome\browser\win\ui_automation_util.ccGetCachedBstrValue property is not a BSTR: GetCachedInt32Value property is not an I4: Cannot get app output Failed to run the elevated process: Failed wait for the elevated process: Unexpected result when waiting for elevated process: Shortcut element - no correct interface...\..\opera\desktop\windows\installer\common\pin_automator.ccDoneCannot get native menu handle.Cannot get desktop rect.Cannot find pin menu element.Could not activate the menu item.ProgmanSysListView324
Source: explorer.exe, 00000011.00000000.2707241317.0000000009B41000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd=
Source: installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpBinary or memory string: ..\..\opera\desktop\chrome_imports\chrome\browser\win\ui_automation_util.ccGetCachedBstrValue property is not a BSTR: GetCachedInt32Value property is not an I4: X64Cannot get the size of file version infoNo file version in the package\StringFileInfo\000004B0\ProductVersionNo product version value in the packageReceived an invalid version: \StringFileInfo\000004B0\ContinuousVersionReceived an invalid continuous build number: Cannot acquire internal version from the full version: \StringFileInfo\000004B0\StreamNo stream value in the packageCannot get exe output: version..\..\opera\desktop\windows\installer\common\file_version_utils_impl.ccInvalid version from exe: Cannot get exe output: streamCannot get app output Failed to run the elevated process: Failed wait for the elevated process: Unexpected result when waiting for elevated process: Shortcut element - no correct interface...\..\opera\desktop\windows\installer\common\pin_automator.ccDoneCannot get native menu handle.Cannot get desktop rect.Cannot find pin menu element.Could not activate the menu item.ProgmanSysListView324
Source: explorer.exe, 00000011.00000000.2701335122.0000000001731000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Program Manager
Source: OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: ..\..\opera\desktop\chrome_imports\chrome\browser\win\ui_automation_util.ccGetCachedBstrValue property is not a BSTR: GetCachedInt32Value property is not an I4: X64Cannot get the size of file version infoNo file version in the package\StringFileInfo\000004B0\ProductVersionNo product version value in the packageReceived an invalid version: \StringFileInfo\000004B0\ContinuousVersionReceived an invalid continuous build number: Cannot acquire internal version from the full version: \StringFileInfo\000004B0\StreamNo stream value in the packageCannot get exe output: version..\..\opera\desktop\windows\installer\common\file_version_utils_impl.ccInvalid version from exe: Cannot get exe output: streamCannot get app output Failed to run the elevated process: Failed wait for the elevated process: Unexpected result when waiting for elevated process: Shortcut element - no correct interface...\..\opera\desktop\windows\installer\common\pin_automator.ccDoneCannot get native menu handle.Cannot get desktop rect.Cannot find pin menu element.No rectangleCould not activate the menu item.ProgmanSysListView324
Source: installer.exe, 0000000D.00000002.2906158946.000001D8874C6000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2701335122.0000000001731000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000011.00000000.2704546993.0000000004B00000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd
Source: OperaGXSetup.exe, installer.exe, 0000000D.00000002.2908402486.000001D88844A000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2701335122.0000000001731000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
Source: explorer.exe, 00000011.00000000.2701335122.0000000001731000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
Source: installer.exe, 0000000D.00000002.2905358133.000001D887438000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager_1
Source: explorer.exe, 00000011.00000000.2700552070.0000000000EF0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: PProgman
Source: installer.exe, 0000000D.00000002.2903459350.000001D885A78000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Progmant
Source: explorer.exe, 00000011.00000000.2707007143.000000000946C000.00000004.00000010.00020000.00000000.sdmpBinary or memory string: Shell_TrayWndes
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C71220 cpuid
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: GetLastError,GetLastError,wsprintfW,GetEnvironmentVariableW,GetEnvironmentVariableW,GetLastError,??2@YAPAXI@Z,GetEnvironmentVariableW,GetLastError,lstrcmpiW,??3@YAXPAX@Z,??3@YAXPAX@Z,SetLastError,lstrlenA,??2@YAPAXI@Z,GetLocaleInfoW,_wtol,MultiByteToWideChar,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: GetLocaleInfoW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: GetLocaleInfoW,
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion DigitalProductId
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion DigitalProductId
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion DigitalProductId
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeQueries volume information: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\installer_prefs_include.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\files_list VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\root_files_list VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeQueries volume information: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\files_list VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeQueries volume information: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\pref_default_overrides VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeQueries volume information: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\installer_prefs_include.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\custom_partner_content.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\pref_default_overrides VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\ab_tests.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\server_tracking_data VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\custom_partner_content.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\pref_default_overrides VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\013E742B-287B-4228-A0B9-BD617E4E02A4.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\07593226-C5C5-438B-86BE-3F6361CD5B10.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\0CD5F3A0-8BF6-11E2-9E96-0800200C9A66.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\1AF2CDD0-8BF3-11E2-9E96-0800200C9A66.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\1CF37043-6733-479C-9086-7B21A2292DDA.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\2A3F5C20-8BF5-11E2-9E96-0800200C9A66.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\2F8F0E41-F521-45A4-9691-F664AFAFE67F.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\3B6191A0-8BF3-11E2-9E96-0800200C9A66.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\3BFDFA54-5DD6-4DFF-8B6C-C1715F306D6B.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\4C95ADC1-5FD9-449D-BC75-77CA217403AE.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\5BBBDD5B-EDC7-4168-9F5D-290AF826E716.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\66DD4BB6-A3BA-4B11-AF7A-F4BF23E073B2.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\6D3582E1-6013-429F-BB34-C75B90CDD1F8.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\76C397A8-9E8E-4706-8203-BD2878E9C618.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\8D754F20-8BF5-11E2-9E96-0800200C9A66.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\AD2FD2BD-0727-4AF7-8917-AAED8627ED47.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\B478FE0C-0761-41C3-946F-CD1340356039.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\C665D993-1B49-4C2E-962C-BEB19993BB86.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\CCCED631-6DA2-4060-9824-95737E64350C.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\CFCE84E5-9A95-4B3F-B8E4-3E98CF7EE6C5.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\CFD4BE41-4C6D-496A-ADDB-4095DFA1DD0E.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\F3F34CBB-24FF-4830-9E87-1663E7A0A5EE.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\F98D4D4C-8AA7-4619-A1E7-AC89B24558DD.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\FDC2CCAB-E8F9-4620-91DD-B0B67285997C.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\FF57F01A-0718-44B7-8A1F-8B15BC33A50B.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\FFF3F819-B6CE-4DE6-B4E4-8E2618ABC0D9.ico VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\video_conference_popout.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\browser.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\MEIPreload\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\partner_speeddials.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\siteprefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\daily_wallpapers.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.version VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1605735293\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1605735293\classic.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_808861689\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_808861689\classic.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Web\Wallpaper\Windows\img0.jpg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\couri.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_850653473\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_850653473\wallpaper.jpg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\pala.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\palai.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\palab.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_4152286\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_4152286\classic.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_812821631\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_812821631\GX_Wallpaper_classic.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1282861814\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1282861814\GX_Wallpaper_Light_classic.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1458538868\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1458538868\wallpaper.jpg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1587385142\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1587385142\classic.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1254482314\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1254482314\GX_Wallpaper_classic.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_106807459\persona.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_106807459\GX_Wallpaper_Light_classic.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\MEIPreload\preloaded_data.pb VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\daily_wallpapers.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\daily_wallpapers.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\cfb3ebf5-c309-4af9-9fd1-ff20a23468ef.tmp VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Service Worker\ScriptCache\4cb013792b196a35_0 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_597946959\CRX_INSTALL\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_142773148\CRX_INSTALL\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_597946959\CRX_INSTALL\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\en_GB\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\en\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\en\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\bg\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\bn\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\ca\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\cs\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\da\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\de\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\el\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\en\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\en_GB\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\es\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\es_419\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\fi\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\fr_CA\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\hi\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\hr\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\hu\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\id\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\it\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\ja\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\ko\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\lt\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\lv\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\ms\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\nb\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\nl\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\pl\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\pt\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\pt_BR\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\ro\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\ru\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\sk\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\sr\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\sv\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\sw\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\ta\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\te\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\th\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\tr\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\uk\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\vi\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\zh_CN\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_1960165041\CRX_INSTALL\_locales\zh_TW\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk\1.1.3_0\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk\1.1.3_0\_metadata\verified_contents.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk\1.1.3_0\history-tags.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk\1.1.3_0\main.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk\1.1.3_0\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk\1.1.3_0\startpage_test_function.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk\1.1.3_0\targeted_sd_section.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk\1.1.3_0\_metadata\computed_hashes.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\en_GB\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\en\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\en\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch16.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch16.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\en_GB\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\en\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\en\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch16.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_metadata\verified_contents.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\be\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\bg\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\bn\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\ca\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\cs\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\da\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\de\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\el\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\en\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\en_GB\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\es\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\es_419\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\fi\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\fr\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\fr_CA\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\hi\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\hr\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\hu\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\id\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\it\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\ja\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\ko\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\lt\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\lv\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\ms\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\nb\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\nl\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\pl\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\pt\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\pt_BR\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\ro\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\ru\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\sk\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\sr\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\sv\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\sw\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\ta\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\te\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\th\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\tl\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\tr\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\uk\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\vi\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\zh_CN\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_locales\zh_TW\messages.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\avatar-placeholder.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\checkbox.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\close.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\cover-placeholder.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\go-to-twitch-arrow.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\go-to-twitch-logo.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\list-view.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\no-avatar.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\notification.mp3 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\search.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\settings.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\tile-view.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\twitch-placeholder@x1.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\assets\twitch-placeholder@x2.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\background.html VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\background.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\common.css VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\components\input_styles.css VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\components\stream_icon.html VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\components\stream_icon.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\components\stream_list.html VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\components\stream_list.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\dummy_steamer_data.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch128.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch16.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\icons\twitch48.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\sidebar.css VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\sidebar.html VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\sidebar.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\template.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\utils\colors.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\utils\preferences.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\utils\sounds.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\utils\stats.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\utils\twitch_api.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\utils\utils.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\utils\volume.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\aelmefcddnelhophneodelaokjogeemi\0.21.0_0\_metadata\computed_hashes.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_280866610\CRX_INSTALL\webpage_content_reporter.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\webpage_content_reporter.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\webpage_content_reporter.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\icons\512\icon_512_black.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Temp\scoped_dir5144_142773148\CRX_INSTALL\manifest.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\_metadata\verified_contents.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\0108e89c9003e8c14ea3.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\017c29dbc4d9f1f201e9.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\01ac8450057de556853b.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\02271ec5cb9f5b4588ac.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\0246e88ab3b60542f582.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\0264fb02c65c7cc33355.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\046461fc1a778fe43d99.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\073b3402d036714b4370.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\0c3b8929d377c0e9b2f3.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\0eebbdfb27d542c486ce.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\13a27524bd914f383b14.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\169.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\172d3529b26f8cedef6b.woff2 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\1b3b83dac50be6b9c503.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\1e1c0e29b79b49a6ff4d.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\1e649c8a03d6232a688c.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\20f389c4120be058d80a.woff2 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\211.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\212532323374ae2448ec.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\2179f0be6a7943d619de.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\2573fae744f00a3822ff.png VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\2960900c4f271311eb36.woff2 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\2b1d5bea6b59d7df7543.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\2d0dbf42750207f78ffa.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\2e7fc7bc27f14936d460.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\2f7bc363fc5424ebda59.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\354501bac435c3264834.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\36c7b8b5ca8e5fb1c18c.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\3732873d6bcc644421fa.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\395.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\39890742bc957b368704.woff2 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\3a99e70aee4076660d38.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\3be6ad1b3df0e5831c59.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\3d0614224103268f2be7.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\3dcbef40ef1b04e21951.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\3f07ed67f06c720120ce.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\428978dc7837d46de091.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\44d85d37ca16b0b3a224.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\4ad7c7e8bb8d10a34bb7.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\4c6b94fd1d07f8beff7c.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\4c761b3711973ab04edf.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\4f35fbcc9ee8614c2bcc.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\53d29add4f51cb58cf68.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\5571ad00c83ed7c02dfe.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\57f5c1837853986ea1db.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\591.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\5adac599c899f8c8e7a5.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\5b49f4993ae22d7975b4.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\5b7f1191e76219e1b1a6.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\5d1a909f3c0b18e897f0.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\5e577791088fdf698fe4.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\60b4a28215d22a7d41a3.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\637f22f6137db0081579.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\651.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\65882ad114b64cb3e4c4.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\6912698b643838d06158.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\692d5af8b740a53ced1a.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\6d3d25f4820d0da8f01f.woff2 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\6de7d4b539221a49e9e2.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\6e912113b807d9defcf7.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\6eec866c69313624be60.woff2 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\6fdf0ac577be0ba82a4c.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\70eba12308e7984fd14b.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\7120b68615ebe4b28075.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\727f6e5002062e656358.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\73ea273a72f4aca30ca5.woff2 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\7489a2fbfb9bfe704420.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\75bd363a076f7029be1d.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\763c3b026deaf11f0f62.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\7947224e8a9914fa332b.woff VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\7bce35126a6372258d77.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\7be90d1afea9e1266308.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\7d393d382f3e7fb1c637.woff2 VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\7e873d3833eb108a0758.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\8169508bf58f8bd92ad8.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\823d989847c2950d3b26.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\828abcb200061cffbaae.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\8303dd9ea54e07b2677d.svg VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\853be92419a6c3766b9a.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm\3.2_0\8723f9d7e62d3b67094f.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\resources\doh_providers.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.version VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.version VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\server_tracking_data VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\server_tracking_data VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\server_tracking_data VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\server_tracking_data VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Network\SCT Auditing Pending Reports VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installer_prefs.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Opera GX\installation_status.json VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00CBCB18 GetVersion,CreateNamedPipeW,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00401841 ??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,GetLocalTime,SystemTimeToFileTime,??2@YAPAXI@Z,GetLastError,??3@YAXPAX@Z,??3@YAXPAX@Z,GetLastError,??3@YAXPAX@Z,GetLastError,??3@YAXPAX@Z,??3@YAXPAX@Z,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00C20746 GetUserNameW,GetNamedSecurityInfoW,GetNamedSecurityInfoW,GetExplicitEntriesFromAclW,CheckTokenMembership,BuildExplicitAccessWithNameW,SetEntriesInAclW,SetEntriesInAclW,LocalFree,LocalFree,LocalFree,LocalFree,SetNamedSecurityInfoW,SetNamedSecurityInfoW,LocalFree,LocalFree,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exeCode function: 10_2_00D4F7E2 GetTimeZoneInformation,
Source: C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exeCode function: 9_2_00405750 ?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z,GetVersionExW,GetCommandLineW,_wtol,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,GetModuleFileNameW,_wtol,??2@YAPAXI@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,wsprintfW,_wtol,GetCommandLineW,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,GetCurrentProcess,SetProcessWorkingSetSize,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,CoInitialize,_wtol,??3@YAXPAX@Z,GetKeyState,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,GetFileAttributesW,??3@YAXPAX@Z,??3@YAXPAX@Z,_wtol,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,SetLastError,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,SetCurrentDirectoryW,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,??3@YAXPAX@Z,MessageBoxA,
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid
Source: C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exeRegistry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 BlobJump to behavior

Stealing of Sensitive Information

barindex
Tries to harvest and steal browser information (history, passwords, etc)
Source: C:\Users\user\AppData\Local\Programs\Opera GX\opera.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Valid Accounts		31
Windows Management Instrumentation		1
DLL Side-Loading		1
Abuse Elevation Control Mechanism		1
Disable or Modify Tools		1
OS Credential Dumping		2
System Time Discovery		Remote Services11
Archive Collected Data		1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts2
Native API		1
DLL Search Order Hijacking		1
DLL Side-Loading		1
Deobfuscate/Decode Files or Information		1
Credential API Hooking		1
Account Discovery		Remote Desktop Protocol1
Browser Session Hijacking		Junk DataExfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain Accounts12
Command and Scripting Interpreter		1
Valid Accounts		1
DLL Search Order Hijacking		1
Abuse Elevation Control Mechanism		11
Input Capture		4
File and Directory Discovery		SMB/Windows Admin Shares1
Data from Local System		SteganographyAutomated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCron1
Windows Service		1
Valid Accounts		31
Obfuscated Files or Information		NTDS77
System Information Discovery		Distributed Component Object Model1
Credential API Hooking		Protocol ImpersonationTraffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script11
Access Token Manipulation		1
Software Packing		LSA Secrets1
Query Registry		SSH11
Input Capture		Fallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts1
Windows Service		1
Timestomp		Cached Domain Credentials41
Security Software Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup Items13
Process Injection		1
DLL Side-Loading		DCSync2
Process Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
DLL Search Order Hijacking		Proc Filesystem41
Virtualization/Sandbox Evasion		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt11
Masquerading		/etc/passwd and /etc/shadow3
System Owner/User Discovery		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron1
Valid Accounts		Network Sniffing1
Remote System Discovery		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchd1
Modify Registry		Input CaptureSystem Network Connections DiscoverySoftware Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption
Gather Victim Org InformationDNS ServerCompromise Software Supply ChainWindows Command ShellScheduled TaskScheduled Task41
Virtualization/Sandbox Evasion		KeyloggingProcess DiscoveryTaint Shared ContentScreen CaptureDNSExfiltration Over Physical MediumResource Hijacking
Determine Physical LocationsVirtual Private ServerCompromise Hardware Supply ChainUnix ShellSystemd TimersSystemd Timers11
Access Token Manipulation		GUI Input CapturePermission Groups DiscoveryReplication Through Removable MediaEmail CollectionProxyExfiltration over USBNetwork Denial of Service
Business RelationshipsServerTrusted RelationshipVisual BasicContainer Orchestration JobContainer Orchestration Job13
Process Injection		Web Portal CaptureLocal GroupsComponent Object Model and Distributed COMLocal Email CollectionInternal ProxyCommonly Used PortDirect Network Flood

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1417615 Sample: SecuriteInfo.com.Adware.Ele... Startdate: 29/03/2024 Architecture: WINDOWS Score: 34 163 Multi AV Scanner detection for submitted file 2->163 165 Contains functionality to register a low level keyboard hook 2->165 167 Writes many files with high entropy 2->167 12 SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe 2 2->12         started        15 launcher.exe 2->15         started        process3 file4 127 SecuriteInfo.com.A....22.28512.27778.tmp, PE32 12->127 dropped 17 SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp 3 19 12->17         started        129 C:\Users\user\AppData\Local\...\installer.exe, PE32+ 15->129 dropped 21 opera_autoupdate.exe 15->21         started        23 installer.exe 15->23         started        process5 dnsIp6 139 107.167.110.216 OPERASOFTWAREUS United States 17->139 141 54.225.130.57 AMAZON-AESUS United States 17->141 143 88.208.5.115 ADVANCEDHOSTERS-ASNL Netherlands 17->143 97 C:\Users\user\AppData\Local\...\is-T2PA3.tmp, PE32 17->97 dropped 99 C:\Users\user\AppData\Local\...\_setup64.tmp, PE32+ 17->99 dropped 101 C:\Users\user\AppData\Local\...\OperaLib.dll, PE32 17->101 dropped 103 C:\Users\user\...\OperaGXSetup.exe (copy), PE32 17->103 dropped 25 OperaGXSetup.exe 47 17->25         started        145 127.0.0.1 unknown unknown 21->145 30 opera_autoupdate.exe 21->30         started        105 Opera_installer_2403291820085812316.dll, PE32+ 23->105 dropped file7 process8 dnsIp9 153 107.167.110.218 OPERASOFTWAREUS United States 25->153 155 107.167.125.189 OPERASOFTWAREUS United States 25->155 157 6 other IPs or domains 25->157 119 C:\Users\user\AppData\Local\...\opera_package, PE32 25->119 dropped 121 Opera_GX_107.0.504...toupdate_x64[1].exe, PE32 25->121 dropped 123 Opera_installer_2403291818577271396.dll, PE32 25->123 dropped 125 4 other files (none is malicious) 25->125 dropped 173 Writes many files with high entropy 25->173 32 OperaGXSetup.exe 1 181 25->32         started        35 Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe 5 25->35         started        37 OperaGXSetup.exe 5 25->37         started        39 2 other processes 25->39 file10 signatures11 process12 file13 79 C:\Users\user\AppData\Local\...\installer.exe, PE32+ 32->79 dropped 81 C:\Users\user\AppData\...\assistant_package, PE32 32->81 dropped 83 C:\Users\user\...\gx-classic-light.zip, Zip 32->83 dropped 95 25 other files (4 malicious) 32->95 dropped 41 installer.exe 32 32->41         started        45 OperaGXSetup.exe 4 32->45         started        85 C:\Users\user\AppData\Local\...\mojo_core.dll, PE32 35->85 dropped 87 C:\Users\user\...\browser_assistant.exe, PE32 35->87 dropped 89 C:\Users\user\...\assistant_installer.exe, PE32 35->89 dropped 91 Opera_installer_2403291818579403276.dll, PE32 37->91 dropped 93 Opera_installer_2403291818582525068.dll, PE32 39->93 dropped 47 assistant_installer.exe 2 39->47         started        process14 file15 109 C:\Users\user\AppData\Local\...\opera.exe, PE32+ 41->109 dropped 111 Opera_installer_2403291819548603504.dll, PE32+ 41->111 dropped 113 C:\Users\user\AppData\Local\...\launcher.exe, PE32+ 41->113 dropped 115 C:\...\launcher.exe.1711736396.old (copy), PE32+ 41->115 dropped 171 Installs a global event hook (focus changed) 41->171 49 explorer.exe 41->49 injected 51 koksDTqWjvmuJdFhyPGiECl.exe 41->51 injected 54 launcher.exe 41->54         started        56 2 other processes 41->56 117 Opera_installer_2403291818588244612.dll, PE32 45->117 dropped signatures16 process17 file18 59 opera.exe 49->59         started        169 Found direct / indirect Syscall (likely to bypass EDR) 51->169 64 opera.exe 54->64         started        66 opera_gx_splash.exe 54->66         started        107 Opera_installer_2403291819551826188.dll, PE32+ 56->107 dropped signatures19 process20 dnsIp21 159 192.168.2.5 unknown unknown 59->159 161 239.255.255.250 unknown Reserved 59->161 131 C:\Users\user\...\gx-classic-light.zip, Zip 59->131 dropped 133 C:\Users\user\AppData\...\gx-classic-dark.zip, Zip 59->133 dropped 135 C:\Users\user\...\gx-1-classic-light.zip, Zip 59->135 dropped 137 17 other malicious files 59->137 dropped 175 Tries to harvest and steal browser information (history, passwords, etc) 59->175 68 opera.exe 59->68         started        71 opera_crashreporter.exe 59->71         started        73 opera.exe 59->73         started        77 5 other processes 59->77 75 opera_crashreporter.exe 64->75         started        file22 signatures23 process24 dnsIp25 147 107.167.110.211 OPERASOFTWAREUS United States 68->147 149 185.26.182.111 NO-OPERANO Norway 68->149 151 33 other IPs or domains 68->151

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe37%ReversingLabsWin32.Trojan.Generic
SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe43%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\Opera_GX_assistant_73.0.3856.382_Setup[1].exe0%ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\Opera_GX_assistant_73.0.3856.382_Setup[1].exe1%VirustotalBrowse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\Opera_GX_107.0.5045.79_Autoupdate_x64[1].exe0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\CUESDK.x64_2017.dll0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\CUESDK.x64_2017.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\assistant_package0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\assistant_package0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\d3dcompiler_47.dll0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\d3dcompiler_47.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxcompiler.dll0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxcompiler.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxil.dll0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxil.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer_helper_64.exe0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer_helper_64.exe0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\launcher.exe0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\launcher.exe0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\launcher.exe.1711736396.old (copy)0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\launcher.exe.1711736396.old (copy)0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\libEGL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\libEGL.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\libGLESv2.dll0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\libGLESv2.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\mojo_core.dll0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\mojo_core.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\notification_helper.exe0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\notification_helper.exe0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera.exe0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera.exe0%VirustotalBrowse
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe0%ReversingLabs
C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe0%VirustotalBrowse

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
https://try.opera.com/72TR8R7/KLRL579/?sub1=setupio&sub2=31120SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000011.00000000.2701335122.0000000001731000.00000002.00000001.00040000.00000000.sdmpfalse
    https://yandex.ua/search/?clid=2358536&text=installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
      https://legal.opera.com/termsSecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2850171237.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009CA000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
        https://www.deezer.com/sr/logininstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
          https://api.browser.yandex.ua/suggest/get?part=installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
            https://help.opera.com/latest/OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, launcher.exe, 00000012.00000002.2766223989.000060EC00288000.00000004.00001000.00020000.00000000.sdmp, opera.exe, 00000015.00000002.2787646170.0000608400254000.00000004.00001000.00020000.00000000.sdmpfalse
              http://anglebug.com/4633opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                https://addons.opera.com/extensions/download/13655f413caacdcc677b24dc0c615d1f5328d6a3/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                  https://anglebug.com/7382opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                    https://issuetracker.google.com/284462263opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                      https://policies.google.com/terms;OperaGXSetup.exe, 00000003.00000002.2850171237.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.000000000018A000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009CA000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                        https://www.baidu.com/favicon.icoinstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                          https://desktop-netinstaller-sub.osp.opera.software/v1/binaryera.software3OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpfalse
                            https://ff.search.yahoo.com/gossip?output=fxjson&command=installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                              http://autoupdate-staging.services.ams.osa/OperaGXSetup.exefalse
                                http://localhost:3001api/prefs/?product=$1&version=$2..OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                  http://www.opera.comOperaGXSetup.exe, 00000003.00000003.2845554919.0000000036474000.00000004.00001000.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258300885.000000003634C000.00000004.00001000.00020000.00000000.sdmpfalse
                                    https://crashpad.chromium.org/https://crashpad.chromium.org/bug/newOperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.00000000032A8000.00000004.00000020.00020000.00000000.sdmp, Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmp, assistant_installer.exe, 0000000A.00000000.2279825246.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                      https://desktop-netinstaller-sub.osp.opera.software/SysWOW64OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpfalse
                                        https://features.opera-api2.com/COperaGXSetup.exe, 00000003.00000003.2071654247.0000000000C74000.00000004.00000020.00020000.00000000.sdmpfalse
                                          https://addons.opera.com/extensions/download/0239ef3d7c95570d61b12b2fb509af435ccc2131/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                            https://www.deezer.com/no/logininstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                              https://www.deezer.com/ro/logininstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                https://completion.amazon.com/search/complete?q=installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                  https://anglebug.com/7714opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                    https://listen.tidal.com/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                      https://desktop-netinstaller-sub.osp.opera.software/v1/binaryera.softwareOperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        https://addons.opera.com/extensions/download/ad5beaae2fc679ccba1db1f7b3c9503d8da6ec70/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                          https://www.remobjects.com/psSecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1960705178.0000000002680000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1961058453.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000000.1962311586.0000000000401000.00000020.00000001.01000000.00000004.sdmpfalse
                                                            https://www.innosetup.com/SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1960705178.0000000002680000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1961058453.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000000.1962311586.0000000000401000.00000020.00000001.01000000.00000004.sdmpfalse
                                                              http://anglebug.com/6248opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                https://download.opera.com/ROperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  https://www.deezer.com/fi/logininstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                    https://download3.operacdn.com/OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      http://anglebug.com/6929opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                        http://anglebug.com/5281opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                          http://crl4.dig-OperaGXSetup.exe, 00000003.00000002.2870614189.0000000001068000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            https://www.so.com/favicon.icoinstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                              https://download5.operacdn.com/ftp/pub/opera_gx/107.0.5045.79/win/Opera_GX_107.0.5045.79_Autoupdate_OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087414766.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087266746.00000000041EF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                https://www.deezer.com/mx/logininstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                  https://issuetracker.google.com/255411748opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                    http://www.autoitscript.com/autoit3/Jexplorer.exe, 00000011.00000000.2719335016.000000000C8B4000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                      https://crashpad.chromium.org/assistant_installer.exe, assistant_installer.exe, 0000000B.00000000.2284793354.0000000000D67000.00000002.00000001.01000000.00000011.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                        https://addons.opera.com/en/extensions/details/dify-cashback/launcher.exe, 00000013.00000000.2728056334.00007FF7385C4000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                          https://anglebug.com/7246opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                            https://anglebug.com/7369opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                              https://www.deezer.cominstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                https://anglebug.com/7489opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                  https://autoupdate.geo.opera.com/geolocation/OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                    https://desktop-netinstaller-sub.osp.opera.software/appxBundleSipPutSignedDataMsgniuid=Dll-f522-46c3OperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      https://desktop-netinstaller-sub.osp.opera.software/XwOperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C25000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        https://duckduckgo.com/?q=installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                          https://yandex.com.tr/search/?clid=1669559&text=installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                            https://crashstats-collector.opera.com/collector/submitinstaller.exe, 0000000E.00000002.2921864598.000001D74CF70000.00000004.00000020.00020000.00000000.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000003.2919717296.00004A5000238000.00000004.00001000.00020000.00000000.sdmp, opera.exe, 00000015.00000003.2747900384.00006084002E0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                              https://download.opera.com/4OperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2090712500.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2182012704.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2087362255.0000000000CB1000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2258071768.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                http://www.kymoto.orgAboutSecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1959440394.0000000002540000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.1964992515.00000000035E0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                  https://try.opera.com/72TRSecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    http://anglebug.com/8417opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                      https://addons.opera.com/extensions/download/4d3d8f7f070d279fbe0d2795e10e69fbab5d3824/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                        https://opera.com/privacyOperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                          http://www.kymoto.orgSecuriteInfo.com.Adware.Elemental.22.28512.27778.exe, 00000000.00000003.1959440394.0000000002540000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.1964992515.00000000035E0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                            https://issuetracker.google.com/161903006opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                              https://www.opera.com/eula/computersSecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                https://desktop-netinstaller-sub.osp.opera.software/etUrlCacheOperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  https://gamemaker.io)OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                    http://autoupdate-staging.services.ams.osa/v4/v5/netinstaller///windows/x64v2/FetchingOperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                      https://duckduckgo.com/favicon.icoinstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                        https://www.google.com/favicon.icoinstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                          https://desktop-netinstaller-sub.osp.opera.software/v1/binaryera.softwarepOperaGXSetup.exe, 00000003.00000003.2322528834.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329742679.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2322594580.0000000000C93000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            http://anglebug.com/3078opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                              http://anglebug.com/7553opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                http://anglebug.com/5375opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                  https://addons.opera.com/extensions/download/3ed7347a5e10c404ea6cb96281265ff23092cf8f/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                    https://addons.opera.com/extensions/download/e27cf3ebc2172a1a7d9cb6978a031ef52ed55596/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmp, installer.exe, 0000000D.00000003.2635441252.000001D885A3C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      https://desktop-netinstaller-sub.osp.opera.software/r-sub.osp.opera.software/NOperaGXSetup.exe, 00000003.00000002.2866378247.0000000000C51000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        http://anglebug.com/5371opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                          https://extension-updates.opera.com/api/omaha/update/MT6Linstaller.exe, 0000000D.00000003.2708034650.00004D5400360000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                            http://anglebug.com/4722opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                              https://www.deezer.com/ru/logininstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                https://addons.opera.com/extensions/download/434b0a6daa530638a964132e86b8a01d7b39aa7c/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                  https://gamemaker.io/en/get.OperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                    https://addons.opera.com/extensions/download/aad01b6c6f7f2f01bea6584af044c96d8850f748/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                      https://crashstats-collector.opera.com/collector/submitJPinstaller.exe, 0000000E.00000002.2926616195.00004A50002C4000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                        https://gamemaker.ioOperaGXSetup.exe, OperaGXSetup.exe, 00000006.00000002.2922787938.000000000018A000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                          http://anglebug.com/7556opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                            https://autoupdate.geo.opera.com/api/prefs/?product=Opera%20GX&version=107.0.5045.79OperaGXSetup.exe, 00000003.00000002.2876049672.00000000041ED000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329765016.00000000041EE000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2329653768.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000002.2868631396.0000000000C89000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                              https://addons.opera.com/extensions/download/313b7f796952f2b34bf6bce6ba10a7b51bd18913/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                https://desktop-netinstaller-sub.osp.opera.software/v1/binaryera.softwareVOperaGXSetup.exe, 00000003.00000002.2869606187.0000000000C94000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2841379432.0000000000C89000.00000004.00000020.00020000.00000000.sdmp, OperaGXSetup.exe, 00000003.00000003.2843461930.0000000000C93000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                  https://translate.yandex.net/main/v2.92.1465389915/i/favicon.icoinstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                    https://addons.opera.com/extensions/download/505f20c0ceb331ebec9f6b8d9def5e0f59be4612/installer.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                      https://browser-notifications.opera.com/api/v1/Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe, 00000009.00000003.2278137134.0000000003415000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                        https://www.deezer.com/us/logininstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                          https://smolecular.icu/tfg/?src=setupIOSecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp, 00000001.00000003.2008449429.0000000000993000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            https://autoupdate.geo.opera.com/https://autoupdate.geo.opera.com/geolocation/OperaDesktopGXhttps://OperaGXSetup.exe, 00000003.00000002.2850171237.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000004.00000002.2885993218.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, OperaGXSetup.exe, 00000005.00000002.2061459211.00000000009F0000.00000040.00000001.01000000.0000000B.sdmp, OperaGXSetup.exe, 00000006.00000002.2922787938.00000000001B0000.00000040.00000001.01000000.00000008.sdmp, installer.exe, 0000000D.00000000.2625540919.00007FF65F517000.00000002.00000001.01000000.00000012.sdmp, installer.exe, 0000000E.00000000.2628833836.00007FF65F517000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                              https://word.office.comonexplorer.exe, 00000011.00000000.2707241317.00000000099B0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                http://anglebug.com/6692opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  https://issuetracker.google.com/258207403opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    https://www.deezer.com/es/logininstaller.exe, 0000000D.00000003.2707774182.00004D5400604000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      http://anglebug.com/3502opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        http://anglebug.com/3623opera.exe, 0000001C.00000003.2793241123.00006E54023AC000.00000004.00001000.00020000.00000000.sdmpfalse

                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                          204.79.197.200
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                          13.107.246.40
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                          54.225.130.57
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		14618AMAZON-AESUSfalse
                                                                                                                                                                                                          23.61.11.143
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                          142.251.163.188
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          37.228.108.132
                                                                                                                                                                                                          		unknownNorway
                                                                                                                                                                                                          		39832NO-OPERANOfalse
                                                                                                                                                                                                          142.251.111.104
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          82.145.216.15
                                                                                                                                                                                                          		unknownUnited Kingdom
                                                                                                                                                                                                          		39832NO-OPERANOfalse
                                                                                                                                                                                                          172.253.115.147
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          20.110.205.119
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                          107.167.96.30
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		53755IOFLOODUSfalse
                                                                                                                                                                                                          107.167.96.31
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		53755IOFLOODUSfalse
                                                                                                                                                                                                          1.1.1.1
                                                                                                                                                                                                          		unknownAustralia
                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                          142.250.31.138
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          142.251.163.119
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          172.253.63.95
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          37.228.108.144
                                                                                                                                                                                                          		unknownNorway
                                                                                                                                                                                                          		39832NO-OPERANOfalse
                                                                                                                                                                                                          104.45.184.134
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                          172.253.63.102
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          172.253.122.94
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          88.208.5.115
                                                                                                                                                                                                          		unknownNetherlands
                                                                                                                                                                                                          		39572ADVANCEDHOSTERS-ASNLfalse
                                                                                                                                                                                                          239.255.255.250
                                                                                                                                                                                                          		unknownReserved
                                                                                                                                                                                                          		unknownunknownfalse
                                                                                                                                                                                                          107.167.110.218
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		21837OPERASOFTWAREUSfalse
                                                                                                                                                                                                          107.167.110.216
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		21837OPERASOFTWAREUSfalse
                                                                                                                                                                                                          23.48.104.107
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                          107.167.110.211
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		21837OPERASOFTWAREUSfalse
                                                                                                                                                                                                          23.61.11.162
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                          104.18.7.134
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                          13.107.21.200
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                          142.251.16.156
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          96.6.42.17
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                          104.18.8.172
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                          142.251.167.95
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          185.26.182.111
                                                                                                                                                                                                          		unknownNorway
                                                                                                                                                                                                          		39832NO-OPERANOfalse
                                                                                                                                                                                                          104.18.10.89
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                          18.160.41.53
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                          185.26.182.112
                                                                                                                                                                                                          		unknownNorway
                                                                                                                                                                                                          		39832NO-OPERANOfalse
                                                                                                                                                                                                          172.64.162.29
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                          142.251.167.156
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          104.18.6.134
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                          192.229.211.108
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15133EDGECASTUSfalse
                                                                                                                                                                                                          3.21.115.179
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		16509AMAZON-02USfalse
                                                                                                                                                                                                          142.251.16.97
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                          104.78.188.21
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                          107.167.125.189
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		21837OPERASOFTWAREUSfalse
                                                                                                                                                                                                          99.84.191.43
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		16509AMAZON-02USfalse
                                                                                                                                                                                                          23.222.79.195
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		20940AKAMAI-ASN1EUfalse

                                                                                                                                                                                                          Private

                                                                                                                                                                                                          IP
                                                                                                                                                                                                          192.168.2.5
                                                                                                                                                                                                          127.0.0.1

                                                                                                                                                                                                          General Information

                                                                                                                                                                                                          Joe Sandbox version:40.0.0 Tourmaline
                                                                                                                                                                                                          Analysis ID:1417615
                                                                                                                                                                                                          Start date and time:2024-03-29 19:18:05 +01:00
                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                          Overall analysis duration:0h 13m 24s
                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                          Report type:light
                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                          Number of analysed new started processes analysed:37
                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                          Number of injected processes analysed:3
                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                          Sample name:SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe
                                                                                                                                                                                                          Detection:SUS
                                                                                                                                                                                                          Classification:sus34.rans.spyw.evad.winEXE@118/1236@0/49
                                                                                                                                                                                                          EGA Information:
                                                                                                                                                                                                          • Successful, ratio: 42.9%
                                                                                                                                                                                                          HCA Information:
                                                                                                                                                                                                          • Successful, ratio: 70%
                                                                                                                                                                                                          • Number of executed functions: 0
                                                                                                                                                                                                          • Number of non-executed functions: 0
                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                          • Found application associated with file extension: .exe

                                                                                                                                                                                                          Warnings

                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                          • Created / dropped Files have been reduced to 100
                                                                                                                                                                                                          • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKey calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtReadFile calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtSetValueKey calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                          • Skipping network analysis since amount of network traffic is too extensive

                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                          19:18:50API Interceptor4x Sleep call for process: SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp modified
                                                                                                                                                                                                          19:20:03API Interceptor8x Sleep call for process: explorer.exe modified
                                                                                                                                                                                                          19:20:04Task SchedulerRun new task: Opera GX scheduled Autoupdate 1711736395 path: C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe s>--scheduledautoupdate $(Arg0)
                                                                                                                                                                                                          19:20:30API Interceptor1x Sleep call for process: opera_autoupdate.exe modified
                                                                                                                                                                                                          19:20:34API Interceptor1x Sleep call for process: opera.exe modified

                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                          IPs

                                                                                                                                                                                                          No context

                                                                                                                                                                                                          Domains

                                                                                                                                                                                                          No context

                                                                                                                                                                                                          ASNs

                                                                                                                                                                                                          No context

                                                                                                                                                                                                          JA3 Fingerprints

                                                                                                                                                                                                          No context

                                                                                                                                                                                                          Dropped Files

                                                                                                                                                                                                          No context

                                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2E248BEDDBB2D85122423C41028BFD4

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:Certificate, Version=3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1428
                                                                                                                                                                                                          Entropy (8bit):7.688784034406474
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24:nIGWnSIGWnSGc9VIyy0KuiUQ+7n0TCDZJCCAyuIqwmCFUZnPQ1LSdT:nIL7LJSRQ+QgAyuxwfynPQmR
                                                                                                                                                                                                          MD5:78F2FCAA601F2FB4EBC937BA532E7549
                                                                                                                                                                                                          SHA1:DDFB16CD4931C973A2037D3FC83A4D7D775D05E4
                                                                                                                                                                                                          SHA-256:552F7BDCF1A7AF9E6CE672017F4F12ABF77240C78E761AC203D1D9D20AC89988
                                                                                                                                                                                                          SHA-512:BCAD73A7A5AFB7120549DD54BA1F15C551AE24C7181F008392065D1ED006E6FA4FA5A60538D52461B15A12F5292049E929CFFDE15CC400DEC9CDFCA0B36A68DD
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:0...0..x..........W..!2.9...wu\0...*.H........0b1.0...U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1!0...U....DigiCert Trusted Root G40...130801120000Z..380115120000Z0b1.0...U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1!0...U....DigiCert Trusted Root G40.."0...*.H.............0..........sh..]J<0"0i3..%..!=..Y..).=X.v..{....0....8..V.m...y....._..<R.R....~...W.YUr.h.p..u.js2...D.......t;mq.-... .. .c)-..^N..!a.4...^.[......4@_.zf.w.H.fWW.TX..+.O.0.V..{]..O^.5.1..^......@.y.x...j.8.....7...}...>..p.U.A2...s*n..|!L....u]xf.:1D.3@...ZI...g.'..O9..X..$\F.d..i.v.v=Y]Bv...izH....f.t..K...c....:.=...E%...D.+~....am.3...K...}....!........p,A`..c.D..vb~.....d.3....C....w.....!..T)%.l..RQGt.&..Au.z._.?..A..[..P.1..r."..|Lu?c.!_. Qko....O..E_. ........~.&...i/..-............B0@0...U.......0....0...U...........0...U..........q]dL..g?....O0...*.H..............a.}.l.........dh.V.w.p...J...x\.._...)V.6I]Dc...f.#.=y.mk.T..<.C@..P.R..;...ik.

                                                                                                                                                                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2E248BEDDBB2D85122423C41028BFD4

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):254
                                                                                                                                                                                                          Entropy (8bit):3.0578008846792457
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6:kK9+sNlpLDcJgjcalgRAOAUSW0PTKDXMOXISKlUp:8sNlpLYS4tWOxSW0PAMsZp
                                                                                                                                                                                                          MD5:1338251D8056D8DABCA670706A5C27A1
                                                                                                                                                                                                          SHA1:EE2200F10C47D1BC18DE6DE03BD58A6CE66952C7
                                                                                                                                                                                                          SHA-256:5D6E2BDF6A9E76A39066A379AC8825BBACE7D68438C7FA598AE7C151A8FB70BA
                                                                                                                                                                                                          SHA-512:25B3C002DE3C05CBE5FAECAD343BD4086E89AE4D7D00C2FA72D57F45754D4D556BC682959B5D914B0CB20504037C5A956AFEAF1A992425AE941739A7CC9F61A9
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:p...... ....l....0.....(....................................................... ............n......................h.t.t.p.:././.c.a.c.e.r.t.s...d.i.g.i.c.e.r.t...c.o.m./.D.i.g.i.C.e.r.t.T.r.u.s.t.e.d.R.o.o.t.G.4...c.r.t...".5.a.2.8.6.4.1.7.-.5.9.4."...

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000015.db

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Windows\explorer.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):107064
                                                                                                                                                                                                          Entropy (8bit):4.025348499885685
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:/kYGWjvoGD6WyrMhIiIGEn0KFJKh1Qxhwpt:/kYGQAGD6hrMhIibKF6Qxqn
                                                                                                                                                                                                          MD5:5DCD558469E8D306BA03EABAEFE2569D
                                                                                                                                                                                                          SHA1:97D648A219D80B2E9D40ACB7CE53E7B79F611780
                                                                                                                                                                                                          SHA-256:EDC7011A8A20109D2A6350CD77B016C02D81100206EF852F362FC2D204D399FD
                                                                                                                                                                                                          SHA-512:BBEF17D987AFFBABDD0E0FDA780CB0B928152BC5C9B3360D29510C7AFC6C722E443370880E1F11D52A342CDA2FC9F6392DDFDD10FAAFD25294314AD335AECFFB
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:....h... ...8...........P...............Y...H...`...........(..........W.......e.n.-.C.H.;.e.n.-.G.B..............................P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>............................................a.l.f.o.n.s.....V.1...........AppData.@............................................A.p.p.D.a.t.a.....V.1...........Roaming.@............................................R.o.a.m.i.n.g.....\.1...........Microsoft.D............................................M.i.c.r.o.s.o.f.t.....V.1...........Windows.@............................................W.i.n.d.o.w.s.....`.1...........Start Menu..F............................................S.t.a.r.t. .M.e.n.u......................(..........P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>...........................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000016.db

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Windows\explorer.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):105184
                                                                                                                                                                                                          Entropy (8bit):4.0385543778533926
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:T7l6Pzk8G975szjk02kp4nVwRNMLqKyjLzMXPyAbR1vcSYB7smwypf34xeKWohIQ:gkf7Up4nVwD+vhIizG/n/sFrK1pTdA
                                                                                                                                                                                                          MD5:AF342F6A19533FA201024892E59CD664
                                                                                                                                                                                                          SHA1:F6739C86075BBD123C80CC5E9B18C67899B03845
                                                                                                                                                                                                          SHA-256:43FB539DB0029555B202799C7848CA42978D941C86C3BD9EF33060BBA4AC86D3
                                                                                                                                                                                                          SHA-512:6456F1D06C4FEEAD79D0C381A5F12B1BB82DC278C0E1F606391FE1B317085EF002DEEE86CC075EA14AAE758E665148B6DF62F02EF986E0997BC9334AD12F5CA0
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:....h... ...............P...............Y.......`...0..............x...W.......e.n.-.C.H.;.e.n.-.G.B...............P..............P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>............................................a.l.f.o.n.s.....V.1...........AppData.@............................................A.p.p.D.a.t.a.....V.1...........Roaming.@............................................R.o.a.m.i.n.g.....\.1...........Microsoft.D............................................M.i.c.r.o.s.o.f.t.....V.1...........Windows.@............................................W.i.n.d.o.w.s.....`.1...........Start Menu..F............................................S.t.a.r.t. .M.e.n.u......................(..........P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>...........................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\Opera_GX_assistant_73.0.3856.382_Setup[1].exe

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1499104
                                                                                                                                                                                                          Entropy (8bit):7.985603261747699
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24576:4ACKcQz8HkfJ8dQnd4GrbwsgY+UfLBCQdI5f3cjCRgCPPWCUZry8k/GUrbN:5pT8HkfJ5eGrbmR0afsXCBrG
                                                                                                                                                                                                          MD5:E9A2209B61F4BE34F25069A6E54AFFEA
                                                                                                                                                                                                          SHA1:6368B0A81608C701B06B97AEFF194CE88FD0E3C0
                                                                                                                                                                                                          SHA-256:E950F17F4181009EEAFA9F5306E8A9DFD26D88CA63B1838F44FF0EFC738E7D1F
                                                                                                                                                                                                          SHA-512:59E46277CA79A43ED8B0A25B24EFF013E251A75F90587E013B9C12851E5DD7283B6172F7D48583982F6A32069457778EE440025C1C754BF7BB6CE8AE1D2C3FC5
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 1%, Browse
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L...'..P.................(...F.......-.......@....@.................................7........................................b......................H................................................................@..d............................text....&.......(.................. ..`.rdata...5...@...6...*..............@..@.data....)...........`..............@....rsrc................h..............@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P....P.|..Y.nj'.v....u..v..=.BA..6P......P....9^..].v8.^..3......hhDA.P..........P......P..pAA..E..E....;F.r......P.J|..Y.24..j...lAA...t$..D....3.9.H.A.t...@....9D$.t..t$.Ph.....5@.A....BA.3.....D$..`...|$..u..@.....3.....t$..D$..t$...`.A......t$...P.Q..%`.A...D$...V...t...P.Q...^...VW.|$.....t...W.P.....t...P.Q..>.._^....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u..S.\$.V..C;^.tLW3.j.Z...........Q.......3.9F.Y~.9F.~...f..Af..G@;F.|..6....

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\Opera_GX_107.0.5045.79_Autoupdate_x64[1].exe

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):142198520
                                                                                                                                                                                                          Entropy (8bit):7.999995421447281
                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                          SSDEEP:3145728:4PPyb5NN6TkxOYod/OocWSqlsw6I3iYwiA1+ulOYZ:gP4Z0/jl0vVB+usg
                                                                                                                                                                                                          MD5:E5C66BC2A10855CB4164EEF86F92FB0D
                                                                                                                                                                                                          SHA1:9453AA10DE00E311EE3415D1C07F1990FE6FB491
                                                                                                                                                                                                          SHA-256:FD238E7993A9800F8B9D5C0C0F4FB90E624823BC4A085F658F9544296A4A967D
                                                                                                                                                                                                          SHA-512:CFE5614CD7FBA269DC89A69240382B42649AA45449266447EC29E95A01C69D898F317AD75E07651BD75AB7FCF42C1E6E1731457F91A51397810744D95F1F96B9
                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L...'..P.................(...F.......-.......@....@..................................z......................................b......................X.y..)...........................................................@..d............................text....&.......(.................. ..`.rdata...5...@...6...*..............@..@.data....)...........`..............@....rsrc................h..............@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P....P.|..Y.nj'.v....u..v..=.BA..6P......P....9^..].v8.^..3......hhDA.P..........P......P..pAA..E..E....;F.r......P.J|..Y.24..j...lAA...t$..D....3.9.H.A.t...@....9D$.t..t$.Ph.....5@.A....BA.3.....D$..`...|$..u..@.....3.....t$..D$..t$...`.A......t$...P.Q..%`.A...D$...V...t...P.Q...^...VW.|$.....t...W.P.....t...P.Q..>.._^....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u..S.\$.V..C;^.tLW3.j.Z...........Q.......3.9F.Y~.9F.~...f..Af..G@;F.|..6....

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\1698947853-custom_partner_content[1].json

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (1824)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1344708
                                                                                                                                                                                                          Entropy (8bit):6.081849998191263
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24576:idUTvr+x0E4H3CAHkd0OhPVVUCs4dxemFiG7V76d5vQVUCaxU:iKTHhySkuz/G65v1y
                                                                                                                                                                                                          MD5:1FB07CF2B20D516ADC1067D9C4C57BB7
                                                                                                                                                                                                          SHA1:DA0BFEB9A98B2FDAF422A1B52FFA33ECA0684EA1
                                                                                                                                                                                                          SHA-256:294592F92BDDA407A531D81D64B7D141979F7B5B052370C1041430530DB7C481
                                                                                                                                                                                                          SHA-512:F4B17E1E60281465A3288E5BDE7C537AC419236A72B680AD533E93CAE81DC8E12221339A737C27257B0A561192F655C70230D818EB0219CCB5E4641B5FF811D8
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:// DUwgkzpRs2UBZDQI77+cT3P6rFCB1A0dTs323s0P8VwKPNxJg7UC76QDbcCRMySUWu6oS1yzTCguRlUYTcidqpeZdtHOL09/z+luPzIHHqB/vQ9rnmKvNPJpGrBJkKfytTOuw9v8frDeZaeH6r4iB1b3IcxXDVBG/cZiVMvhj0/b9SbAbkgN94GUrDjIArHEo49eBMFcYKuLFjOUmbiRuESFn3Rlx1SFNsPk2GEohrRvsb3Fzh9UH6hwKFUEBxwUWIGMtPpf2rIDmUxAEUigjvrWMiGoDk4x5FdM+p5livY9OVeyVGtcfDm8zZJ3psJ6Uz8cqK1ZhYsebZFUup9rZA==.{. "version": 32,. "partner_id": "std-1",. "user_agent": "std-1",. "search_engines": {. "location": {. "ad": {. "other": {. "list": [. "google_com",. "yahoo",. "duckduckgo",. "amazon",. "bing_attributed_ysrcunow",. "wiki". ],. "speed_dial_index_list": [0]. }. },. "al": {. "other": {. "list": [. "google_com",. "yahoo",. "duckduckgo",. "amazon",. "bing_attributed_ysrcunow",. "wiki". ],. "speed_dial_index_list": [0].

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\features[1].json

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1523
                                                                                                                                                                                                          Entropy (8bit):4.399292637963254
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24:YPiRyiRAS3R+GRH4rRUtRCRMR6mR9R5DR3RoRY+RWEIiRGiRCR8xRIjRuAcBpDRC:YqRyiRhR/RYRUtRCRMR6mR9R5DR3RoRY
                                                                                                                                                                                                          MD5:B7C15128A1E2AA333069D2797BFEFD6E
                                                                                                                                                                                                          SHA1:5BD78BF3DF58921E80A72895BFDF2DE3F6549A50
                                                                                                                                                                                                          SHA-256:FA5789F32C280FCDEA8E61CA8A322F859390C64CE8776D131CE73421D9882A93
                                                                                                                                                                                                          SHA-512:DCC4EA98D587CDBC7FB21A7EB383938CE70744DF897EC9D8A7BCF1532E1028D0D1395B9732494FC3196AD2D080D33F5F2153A82A3DFC0F2F055D5E31B50DA75F
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"features":{"01979299c8cd":{"state":"enabled"},"13e025f64bd6":{"state":"disabled"},"13eeaf851da7":{"state":"enabled"},"15322f489976":{"state":"enabled"},"1ad69b007ce5":{"state":"enabled"},"1c4dddb65bac":{"state":"enabled"},"1d24dceb937a":{"state":"enabled"},"278deecb29a1":{"state":"enabled"},"2c1429a5a72e":{"state":"enabled"},"3389f6c15eb9":{"state":"enabled"},"40db6e644d2c":{"state":"disabled"},"50796754ffc7":{"state":"enabled"},"5448a57d6689":{"state":"disabled"},"54726ed4401e":{"state":"enabled"},"56d717ae3ad6":{"state":"enabled"},"5a28d66c82cd":{"state":"enabled"},"603cade21cf7":{"state":"enabled"},"654296fe9d6c":{"state":"enabled"},"818c3ef12d0b":{"state":"enabled","dna_filter":{"required_dna":["64336fb81a04836eb8108d24fbca3aa3682db0a5"],"forbidden_dna":["5b3eb4a6c335a0659d16d1a189ca155e4441ea14"]}},"8511df77ed15":{"state":"enabled"},"970fe421a344":{"state":"enabled"},"9ec4e68ae70a":{"state":"disabled"},"b2a2a32b832b":{"state":"enabled"},"b7751444d14a":{"state":"enabled"},"b9677b

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\data_0

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):45056
                                                                                                                                                                                                          Entropy (8bit):1.5782420290561074
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:192:dNYsLXKixA+ibMlwTkPhE2cSsYNEPsqN7l/vw2tvVP94Yo:d+sU+ibXTku2cSvN/qRl/0
                                                                                                                                                                                                          MD5:D23E72F49AC300CB38FE2825115373A6
                                                                                                                                                                                                          SHA1:7903C9A9C53E04F0391B6EA6A4440E237A8E9B92
                                                                                                                                                                                                          SHA-256:BAB3520927A787D7EA3BE12D2918B7F762F5B10E7DC07676CD36DB807AA67190
                                                                                                                                                                                                          SHA-512:6ECAFC811491883D2D72C2E2AA885A0EB69AAD36E813736CDCF70E56EA8D2D49767297D92082E38C196B9C3624EB53C112D5F7881856312996CCA12A54B9A182
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\data_1

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):270336
                                                                                                                                                                                                          Entropy (8bit):2.936568291408256
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:nuOeDhYbrHZuiO3qqj/h2am05o22CPa4U:udDhYn5sjq05Z2f
                                                                                                                                                                                                          MD5:E75E88498027D92A327851B2E2C031A6
                                                                                                                                                                                                          SHA1:6D781679929777E5516EA46950EEA90248B32C83
                                                                                                                                                                                                          SHA-256:98AEF573FE0CF675117857492EAF3455955CB5F6ED4F1B21401053964B9F23B8
                                                                                                                                                                                                          SHA-512:C9BBF0902578FACB218FD5A65050000B1F49A62375B7EAF14074DC6158E2AFC1227CFF438637DA3C9EB534469153EB6F968516633EE4C6EC85F54544ED00B950
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:................L.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\data_2

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):2105344
                                                                                                                                                                                                          Entropy (8bit):4.561363137892783
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:FFRt3PSEq+NnVSx0k7GaXx3GaXx+ddys9Drt5BXuxqYLTa5D6b3lC:FRI+1dMsZt5BhYLTa47
                                                                                                                                                                                                          MD5:673B5E69D1E5190A710CB32A7511AD49
                                                                                                                                                                                                          SHA1:18888ED7FF8A92FE356DFB70AD6EEB857679AC46
                                                                                                                                                                                                          SHA-256:BCB109FC3FAAEE573756EDDC9611802943F652814EB4318E4521C3EC51D62D3D
                                                                                                                                                                                                          SHA-512:B06226D70FF43BF5C09F6536D6F3579C28062FD39E788F1B4D74E8A2FD93D4EED8A22EF2ECA80549C4D5210880EC63BBC3A9176400356270819EC09BA4124F2C
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:................+...................................#...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\data_3

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):4202496
                                                                                                                                                                                                          Entropy (8bit):2.251248661269294
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24576:3Zim3HgR+zL+HSQUNULUFUhURKWLeCn3mXiFcWZ:3Zim3HgUzL+yrLeHyX
                                                                                                                                                                                                          MD5:12B960EC1E9025A1E6406BD7142E204F
                                                                                                                                                                                                          SHA1:AEDE287F0006017D353D5F76087E09123F6217BF
                                                                                                                                                                                                          SHA-256:74E0A626A0CDFD87630A5A59A5BF8F417B65BE41EAF399A2940E383F379E65A2
                                                                                                                                                                                                          SHA-512:AEFD46BE6D9EC3A590789A06DF6185921673C8A9C1B394A8B17BA88433AD9EB918F9A68DF5EA5408AE1AE2309FD79AC16F26977FF4AE6D2EC68998C81ED12E66
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:................j....... ......................................................................ww....w.w.........w..ws..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000001

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (49525)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):179256
                                                                                                                                                                                                          Entropy (8bit):5.382954896250264
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:lXN5l+PN3NpnQ2oY8IGI3vzL61qsMY2meNkkEDZpu//A/FS5g:l95lgG71qsJIOkEDZY//A/d
                                                                                                                                                                                                          MD5:2AA9094D225A4197394B173E77F8722B
                                                                                                                                                                                                          SHA1:63478FD6245BE38260007E818119EC37A409BBB3
                                                                                                                                                                                                          SHA-256:46C71F4549663C5304CE350447025DB57E8B771D37F2427FE9CABD971F0F24DD
                                                                                                                                                                                                          SHA-512:DF098137B0CD6ACB3D2D2AA6A30A8A3302A74B47E67FADA54E6377F4726790DFE53F6B90BEF7AFEA93DAAD79C54770FBD65929E07BD04A5FEEFA1798763820F0
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:(function(){try{var e=typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{},t=new Error().stack;t&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[t]="a8225bd0-7159-4e04-9948-78b2d86cb6f8",e._sentryDebugIdIdentifier="sentry-dbid-a8225bd0-7159-4e04-9948-78b2d86cb6f8")}catch{}})();var qo=typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{};qo.SENTRY_RELEASE={id:"corner-desktop@5.13.0+6626"};function D(){}const Zt=e=>e;function Vo(e,t){for(const n in t)e[n]=t[n];return e}function Wo(e){return!!e&&(typeof e=="object"||typeof e=="function")&&typeof e.then=="function"}function ji(e){return e()}function Br(){return Object.create(null)}function oe(e){e.forEach(ji)}function ye(e){return typeof e=="function"}function Xo(e,t){return e!=e?t==t:e!==t||e&&typeof e=="object"||typeof e=="function"}let xt;function $r(e,t){return e===t?!0:(xt||(xt=document.createElement("a")),xt.href=t,e===xt.href)}function Fr(e){return e.split(",").map(t=>t.trim().spl

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000002

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):183955
                                                                                                                                                                                                          Entropy (8bit):5.132262442335376
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:/ejFU9yb5abYO3/Cg7eEHU+Yz110it7n7MQd2MFN:27b8jGVl
                                                                                                                                                                                                          MD5:CB5DAB4C23CAB678B12A44A03455D6BA
                                                                                                                                                                                                          SHA1:547A8D7056EEAE96D1529F7B2A6EBD64A282888C
                                                                                                                                                                                                          SHA-256:8178D1BCADE69FE8DAF3D49515EDB867E28417C9FCC570920CE814776A98D061
                                                                                                                                                                                                          SHA-512:6015571C82A4DE9EBECF6D8CF84EE7C3F46EBF5328893687E1A9B8D973D90F000A0E0D6C135261E540464165437EEAF8935538801B1D425024A6CB52CF326A89
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:img{max-width:100%}img+h1{margin-top:.46em}.lazy-resolved img{height:auto}html{font-size:62.5%;scroll-behavior:smooth;scroll-padding-top:6.5rem}@media(min-width:1024px){html{scroll-padding-top:7.5rem}}@media(min-width:1824px){html.large-screen-ready{font-size:65%}}@media(min-width:1924px){html.large-screen-ready{font-size:88%}}body,html{height:100%}body{background-color:#fff;color:#000;display:-ms-flexbox;display:-webkit-flex;-webkit-flex-direction:column;-moz-flex-direction:column;-ms-flex-direction:column;flex-direction:column;font-weight:400;height:auto;min-height:100%;overflow-x:hidden}:focus{outline:none}main{-webkit-font-smoothing:antialiased;box-sizing:border-box;flex:1 0 auto;font-family:Be Vietnam Pro,Roboto,sans-serif;letter-spacing:.02em;line-height:1.5;overflow:hidden;width:100%}@media(min-width:1224px)and (hover:hover){main{overflow:unset}}main,main article,main aside,main details,main figcaption,main figure,main footer,main header,main hgroup,main nav,main section{display

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000003

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:PNG image data, 742 x 942, 8-bit colormap, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):110481
                                                                                                                                                                                                          Entropy (8bit):7.948420085309236
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:wN6LzbEzOpFQjuUCKbHig72R4c3C4tshxLvpdl0ifN/:wyEGQjuUCKWw2pTKtdl0iV/
                                                                                                                                                                                                          MD5:CAF9DBA66D56E14DE32D32E040C0D1F6
                                                                                                                                                                                                          SHA1:A69A92EC7719D6992640A8CD26E1501BDF42556F
                                                                                                                                                                                                          SHA-256:CEC63F3EA6863E556F02C79067F2F1E2CF3C18A137126C764C9B7EB0581761F5
                                                                                                                                                                                                          SHA-512:D133E6B4A4FB1632E2F5B4F821E6B1F6435FC5A0EC8716758ECFF245950A6A2A9B7D2CDB52D3DB2F973812EE4BF9B6FA578A2324B54EEDBA840F08ED67A92B09
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR.............|;".....PLTE.......................................... !&$'+*-212............:9;..................@=Aqnr....................`^`...NMO......FDG...............ZUZRMXMEK..................B9bqd..{.1*F........!..!..{vz..&Ep.$..'..'..+..+..I..:..x.)..6..G..L..N..A..>-."..4F..1.......>d.%2..6..t.'^.#...1.#.....36.$..7Y.":.%9..|.)@.&N..@. ...E.*k.&R.%I.%M.-T. @....=p.'U..M+6[.4...idh...b%:\.)e.1...#..g+Cl#;'..*..o,F.....+p.2v0Kj.+2.....u.:...x&B6...0M;...%B@..F..M5Axcj[FQzDW.g|fOY......_@J..;.8V<$/......D+6L.....fGQ...&FpV^.x...V6By.2....r.Q..u]e....ltgSd.^r=.(V...+Mb...ho...7]\....;i......,P.Ed.Rep.!. ?y.$..*..&.!B.:e.0X..*..-.#G.Es.&L.8e.1[.*R.<kW=Hygz..E.2_.>I.(R.!H.Cu.z..NI.53......gf.-?.PmUf...dw.t..Rh....(.V]....w|.. .C.GLR.u..n.s`sf\l.(..@..E..3..d*..x..O.W%...1tRNS.....'/;FWf......................................}.......IDATx...[.../4C.RT.f2..t.?r....;C....{....f.m..b...ecK[..<..$...SVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV..h.X.O..

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000004

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):183803
                                                                                                                                                                                                          Entropy (8bit):5.550411005450225
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:vD/LOhR8mEx3cWizJCD6MkEwjsca60yAntQ55:7/LOhR2VJIJVMkqS0a
                                                                                                                                                                                                          MD5:89BB1D0C7C68482CD0C29472820A7EB4
                                                                                                                                                                                                          SHA1:219AE75C8DB6045572D6BB01DFC21A7ACD2B5353
                                                                                                                                                                                                          SHA-256:61E6D1BBC432C3963365A2B7BC166FD83A1B884ED3584EFDAAFF66D24E9A4E9B
                                                                                                                                                                                                          SHA-512:E546660DAE658F3BFBE90B59A7420C09557DA63A3F55848C1905EDC0DE05AFB966F741467F3B625A0D2544458B14A88EA314712960C15DD73B30B89F7FDE0F82
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:!function(){var t={9552:function(t){"use strict";t.exports={aliceblue:[240,248,255],antiquewhite:[250,235,215],aqua:[0,255,255],aquamarine:[127,255,212],azure:[240,255,255],beige:[245,245,220],bisque:[255,228,196],black:[0,0,0],blanchedalmond:[255,235,205],blue:[0,0,255],blueviolet:[138,43,226],brown:[165,42,42],burlywood:[222,184,135],cadetblue:[95,158,160],chartreuse:[127,255,0],chocolate:[210,105,30],coral:[255,127,80],cornflowerblue:[100,149,237],cornsilk:[255,248,220],crimson:[220,20,60],cyan:[0,255,255],darkblue:[0,0,139],darkcyan:[0,139,139],darkgoldenrod:[184,134,11],darkgray:[169,169,169],darkgreen:[0,100,0],darkgrey:[169,169,169],darkkhaki:[189,183,107],darkmagenta:[139,0,139],darkolivegreen:[85,107,47],darkorange:[255,140,0],darkorchid:[153,50,204],darkred:[139,0,0],darksalmon:[233,150,122],darkseagreen:[143,188,143],darkslateblue:[72,61,139],darkslategray:[47,79,79],darkslategrey:[47,79,79],darkturquoise:[0,206,209],darkviolet:[148,0,211],deeppink:[255,20,147],deepskyblue:[

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000005

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:PNG image data, 894 x 512, 8-bit colormap, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):66977
                                                                                                                                                                                                          Entropy (8bit):7.975266461134708
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:/x0sD98c6CqLbdaqk+EzJO3+idGnv8wXYW8reC:p0sD98c6jaTzJO3F+PXcqC
                                                                                                                                                                                                          MD5:D65CF3057A2A83C9084460DF1109F701
                                                                                                                                                                                                          SHA1:C638170E13ED0AD777150E6179A9FB05B0DC4689
                                                                                                                                                                                                          SHA-256:1098BCECE02EFE3B0BC68A26ED1E52E743FB055B4A841850B8868DA2037FF7B5
                                                                                                                                                                                                          SHA-512:8F9EB5F9D363EA6346A9D0E336B3C04AFB46B3E0F378BA5DE0143E19C47B10EE8790D9517AD81A87FBD16AED5A83975B9A1C21DD32BE7BBEF45987C579FAEF59
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...~..........N#....PLTE.....L..N........................!!!:::..M.....LLL..O..M..M........L]]]...gggqqq.........us~$-s%/u...>=E!+l&0w/*7=M.#,n#,p )h<K....@P...CS.AR.!*i?O.'1z..N(2}CT.*5.0<.;J.-8./;.9H..:.4A.*5.)4.DU.6C.,7.1>.8F....+6.7E. (d$&+3@...@)3..'_&(-......EV....z.-.%[.........##*..!!!'9:B.[+..$.zy)+1......,3sqoz77?-.5......44<O]...HJT019..4_[r..,....#U@?F)%1=@ILP[DFQ......mlw@CMLMVEDK...jhq....!O...T."...8A~SQYb`jfdn[Yb....VT_...BK...........^]f..ELU.Zh......y..;Bs...q}.ou.^e.......-4d1..B........k.'......JQx...%.......9dg.....i$.....W^......3..KZ...v|.7,*.....E..O.....H^.&*" yx.c;......Ahp.uG....]f..Y........w!L/.........TWE43[69.........ur............P.....jk6......`a..srsl^XNB?{ke....F.xq=Ch..}_OK.-......rIKy/H..:..E..7....WU....q..<...6Kg......tRNS........-=Mat....$k...B........:...@IDATx..n.@..W..p.....L.m....,.+....JP ..,......E^ .CAK.EP.......$..v%..o..69N..9s......................{....!.....8...0.X\....$.../.H...K...KBX.p.C.rd}

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000006

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (3571)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):260232
                                                                                                                                                                                                          Entropy (8bit):5.548800881054804
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:2AF5QU3Zw2yU/24yI8UNzPQYEFy68aLBO1ggey0enLHW6WEkXqDVRUYodk:2ADw1E4YP9CE1ggey0enLHJWEkXqpR1
                                                                                                                                                                                                          MD5:786FEC25873FD2603E79565E8C650611
                                                                                                                                                                                                          SHA1:EFA5922576665757ED0A5B904BEBF0DE86165ABE
                                                                                                                                                                                                          SHA-256:8D3651B112F945D12CCBCDF9337AB576ACF0E586A3CFDBF3E09B6FFF42328FE5
                                                                                                                                                                                                          SHA-512:D7C41548E3EA8097E5BD6A82680C19ACC9CA0CE8E6D8DD1A270100428C652F648EBDAD8B94CA84F3A940D5F6388676A8B7547B162042E7273F3BC3A9756FDD16
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"49",. . "macros":[{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__e"},{"function":"__u","vtp_component":"QUERY","vtp_queryKey":"utm_source","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_name":"gtm.elementClasses","vtp_dataLayerVersion":1},{"function":"__gas","vtp_cookieDomain":"auto","vtp_doubleClick":false,"vtp_setTrackerName":false,"vtp_useDebugVersion":false,"vtp_useHashAutoLink":false,"vtp_decorateFormsAutoLink":false,"vtp_enableLinkId":false,"vtp_enableEcommerce":false,"vtp_trackingId":"UA-4118503-39","vtp_enableRecaptchaOption":false,"vtp_

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000007

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:PNG image data, 683 x 887, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):221871
                                                                                                                                                                                                          Entropy (8bit):7.989927789874321
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:frqmFYD3ZeWfRQna8GwPCWHKftOE0Q7DQyeu4vV08DDLXYSk/VxaSSGkXi7:frjWfG7vvHKh3UzvFDHIXMSSGKi7
                                                                                                                                                                                                          MD5:DA18470476DEB24C61729DE13B781659
                                                                                                                                                                                                          SHA1:594D8E07D1B48914CBB53BB8920B39DF18B7A3AA
                                                                                                                                                                                                          SHA-256:DBE41B786CD6A53BCF72DDB1FAFB4D0A920B8E1F1E7FEF54ACAE1E900D290996
                                                                                                                                                                                                          SHA-512:1D6556E85FA8FF5C772D44C673DABB6BBEE612087A1F6E1D3CF5E2745EBD1278D370614298174A6DFC55EF2A5774535E8C0EE91B71DC6AE78B226D4E3D152E66
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR.......w...........bvIDATx...7..!.....J...;x..l.+f..w.......................................................................................C.....?....m[l....YJ.k.cJ.$..q.....e..`.I.0>.{M..*...lE.^t....l#>.m..].m..'.I..?..._2.._..<;...ell..Z..............9. .cijj...8`.......w#....."...2o.|..B.YH...Ti.\...#..&.\...V.w....5..^.R.....Juu.h..BHV.%.*..D*..U....]...0..............>...}.?......}..O......%...9'..B.q.[RR.^YY..z..Lj...."....;.1.....B(VU.Joo.`.aM...ZSS......>..\...5^X.gL...D...Q.....M.!/...T..A ..B.....h...[:.6,--mG.T3&211. (.FPB..5.+,..r.!.B......M...g.`.(........gv...8.X...?...C.....7<.t...!...Y..w)//.B3!K4...&Ra.W..Q;[.2..!dA....3.e.W-.2..k..z\E.g}}}..J..+p..S.W__/...fz{{....54....s...?::...:..Y@.{.TBVP...eXq.4....e.h...B.+vhF....];<<......4.B...`c..UZZ...9.i...S...7..R;S...gP...xM.).>)n...fL.....O..._...>(".B...|.r!......_.[WW....=...]...c."p.@....Q..B.-&Va.]M..Kp...0..f.......X..}B..w.'.!.....;.Q3.......".4."....Q...a".,.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000008

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):125667
                                                                                                                                                                                                          Entropy (8bit):5.495889029096188
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:k0ccXHcct/8A4CnW9OqqpLJ31U8i8bqeCuA5qFwENXufuXufu8uY0DguywMWMXZv:vcOcEpN3m8i8OVWXufuXufu87uywtMXl
                                                                                                                                                                                                          MD5:F8990BA62F33CB6E3ADFC6BC34F27089
                                                                                                                                                                                                          SHA1:C5D195A8017764976394C20CE6F2765CC48E0B14
                                                                                                                                                                                                          SHA-256:5920B740DE64D877C8959FCB54871F598DDCE457E52DCD68309BD21BDE3210D1
                                                                                                                                                                                                          SHA-512:A81184FDEDF0B16E3FB0107DF90F40729B5A6F58A8A3B05C67205B7BBF13721FFA0F8266BC720AFEFB75C8522DF0A604393ADA70003373387BF2BF89FAE327FF
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.colors.svelte-1kkf556{display:contents}.button.svelte-41rzyv.svelte-41rzyv{align-items:center;align-self:var(--align-self,stretch);background-color:hsl(var(--color-N20));border:1px solid hsl(var(--color-N32));border-radius:var(--border-radius,2px);box-sizing:border-box;color:hsl(var(--color-font));cursor:pointer;display:flex;font-size:var(--font-size,12px);font-weight:700;justify-content:center;padding:var(--padding,8px 16px);text-align:center;transition:opacity .5s ease-out;vertical-align:middle}.button.primary.svelte-41rzyv.svelte-41rzyv{background-color:hsl(var(--color-accent));border:1px solid hsl(var(--color-accent));color:hsl(var(--color-font-accent))}.button.primary:hover.desktop.svelte-41rzyv.svelte-41rzyv{background-color:hsl(var(--color-A120));border:1px solid hsl(var(--color-A120))}.button.primary.disabled.svelte-41rzyv.svelte-41rzyv{background-color:hsl(var(--color-A30));border:1px solid hsl(var(--color-A30));color:hsl(var(--color-N32))}.button.secondary.svelte-41rzyv.svel

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000009

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (46335)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):420014
                                                                                                                                                                                                          Entropy (8bit):5.574785871915572
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6144:dadWAD/1+bMPeCE1ggey0enLHJOEkXqpVUrp+uPC3:k0WUbMPrEqgey0enLHvUrp9u
                                                                                                                                                                                                          MD5:84D4B8103F7A61D6F7C6E0E363614318
                                                                                                                                                                                                          SHA1:A4F29ABD475FC846284F569AB44F2669D4B29E8B
                                                                                                                                                                                                          SHA-256:E80FBC6FCC47E0A8F31C9390EDBE26C255309473AD22B26BF427E60CDBE71455
                                                                                                                                                                                                          SHA-512:FD438366CEB52CF38D484AE3CBCE157629109ACEB3A37B32876F66C5CB4EE2E34491C5EF0BA81C75F0A2C22890431CD17DE7BA29A0C47B92674F0A4D05C07E25
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"362",. . "macros":[{"function":"__e"},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__k","convert_null_to":"GA1.2.","vtp_decodeCookie":false,"vtp_name":"_ga"},{"function":"__jsm","vtp_javascript":["template","(function(){var a=\"GA1.1.\";return a=",["escape",["macro",2],8,16],".substr(a.length)})();"]},{"function":"__k","convert_null_to":["macro",3],"vtp_decodeCookie":false,"vtp_name":"gclid"},{"function":"__gas","vtp_cookieDomain":"auto","vtp_doubleClick":false,"vtp_setTrackerName":false,"vtp_useDebugVersion":false,"vtp_useHashAutoLink":false,"vtp_decorateFormsAutoLink":false,"vtp_enableLinkId":false,"vtp_dimension":["list",["map","index","4","dimension",["macro",4]],["map","index","3","dimensio

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00000a

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (64032)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):589079
                                                                                                                                                                                                          Entropy (8bit):5.505405618282047
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:12288:NZKiQnsx366wF4TPP1fRW+wgVm/K8lYlE34YunqLfid5dHMi2ZLrv+njVu7NNPXA:Nhkq366wF4TPP15zbVm/K84E34YunqL+
                                                                                                                                                                                                          MD5:E36AB5D5F38B1A9650E8F6979D8A2C26
                                                                                                                                                                                                          SHA1:C15F8BABC6FB4FED0F3E952B37499F88C1640D8A
                                                                                                                                                                                                          SHA-256:91918AE89458C10C420209F1F1A57CB292B5576DDD195473D2538C7EE3819015
                                                                                                                                                                                                          SHA-512:199D0DD038B0C19A4A9405401640C94C4A9FCCC21EA8049872F9EB824C7D71501CDB680613D97A0BA4295BCD0E1C4990355FFFB324F7746C5C7AFF4273E0E18D
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:function __vite__mapDeps(indexes) {. if (!__vite__mapDeps.viteFileDeps) {. __vite__mapDeps.viteFileDeps = ["assets/GamesDeals-Y3izAFyA.js","assets/vendor-rii-AV_l.js","assets/Badges-CuIfQk-d.js","assets/Badges-DtURwYrQ.css","assets/index-DtMr64Oc.js","assets/index-BRRDBs1E.css","assets/index-DQE_taSP.js","assets/strings-D9eBrPdG.js","assets/GamesDeals-BUELdmmC.css","assets/Stores-C0USjB1a.js","assets/Stores-f2rU9E8n.css","assets/News-BKO8KtbO.js","assets/news-CDLEvZ7G.js","assets/News-B76hfSrT.css","assets/Trailers-2g7-wYZQ.js","assets/Trailers-D_RtdYi6.css","assets/VideoHero-D4Ko9yo2.js","assets/Hero-KRGNLa6L.js","assets/TempBanner-DUEimgu3.js","assets/TempBanner-AcaA64O8.css","assets/Hero-sTJbxqxT.css","assets/VideoHero-vZN47iXX.css","assets/CollectiblesHero-BLDvEpEr.js","assets/CollectiblesHero-v5epPvz7.css","assets/Stream-CQu19eZp.js","assets/IntersectionObserver-DZG7XBCV.js","assets/campaigns-DNj7talR.js","assets/Toggle-DtOd5MZa.js","assets/Toggle-DVfzmk57.css","assets/Stream-

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00000b

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):101674
                                                                                                                                                                                                          Entropy (8bit):7.996614094375929
                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                          SSDEEP:3072:En77f4gSxZ6PAGfi9Xhb2Bvnv2Qy/bkcVf:Y77wgByXhKBvn+9wcd
                                                                                                                                                                                                          MD5:0A62F36BB38ED6A98DD74B807EECE6B6
                                                                                                                                                                                                          SHA1:AF24663D2A25C54526A3659337E1A28A729D7C01
                                                                                                                                                                                                          SHA-256:00E676EB239892B91B389AE4EE0FC68A9451661E28F47799FBD89FBB87357E68
                                                                                                                                                                                                          SHA-512:111057C82D6B1C89EB070C0101853FC4C15398A4AB177CF692B6AA7BE6C9B1138D22ACA06CE99CE1B25F5FC55F3AEAC7D9FB3724FEB8850BF020E5B323983BBF
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:[..4.i[Ls...l..C.(l...*...:.c..........1...e;......f.??_.;mgS2^...G..N.$.L.bT.....$....O......|5ur8U.e........c..8d"l_..6C..6u....oC....k..Q...mj0"B.r<[.|.s.....Y...|..^M.p-.......Lr.....TR.$@.Yz..2.dk{.W.)0.g..:.h..M...M..^.u.6(...q...|.}.J.....6f...R.& .........B..........U..%......s*s.e.IJ...9.nu...{.3._...........2>@. .......@Q. ..... ..CJQ=$..#).WP.AE...(#....}.Z)EvwDT.3..=..x5c..g.k.s.1g.....t.@.@.......G.5F.....1........./.Ywo2.B.....Y...j*!0@../.....,...a...o..Y.MK...-...<...n)Z...7......._B.!.....K..|...3.4...#.....r8Wj.}..k>.....e.....nX.........7.U....`8....ya.i.d0...Chw....7 .....C8..g..@.,....80.r.._..X..\.,%....>....J...C.\.........n....".....Uj.......`.....y8...+.|..*|B.U.Y..@RJ.:........<.,.....L.0......\.g.M..6.v.b..;..h....5...e.F{.....@..no6.....7.Kgb.q..\....+....7J%=...P,..'O.....<p.eZ...c0Ke.Z..........RZ..x..q........,w...J....\+..uo.f.X..j..r.~x....:r.l.T......[.|..-R.m...d.-.|.u.KU.m.PH.......D.C......F.3...^Q..-!.....|p...k}

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00000c

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:Web Open Font Format, CFF, length 61432, version 0.0
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):61432
                                                                                                                                                                                                          Entropy (8bit):7.993923310479825
                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                          SSDEEP:768:+3lo4MuQ2Vyq1qjPpFVHTYacNa9qH2Pm4F82dUK9wlPt1jqhj9dzF2L0qxo1Ji+b:Wlo/uQ81WPASqWPdJUZjojTKQGtojeaX
                                                                                                                                                                                                          MD5:4F566BFD43217D65E8F9D0BC48210E58
                                                                                                                                                                                                          SHA1:F7FCCFEAA774D87B004672030CB9265F2CF991A2
                                                                                                                                                                                                          SHA-256:725F78069005B7469C0A72C4BDAABDE9E930BAE2486E99FE4CB3BCB32D243A49
                                                                                                                                                                                                          SHA-512:E6E9F8EC993FF4CFE328C569F4FEF40438CF0957057B07ABFB0B7A9626FAA347991DCDF3324999526D457602D641583332A5E69D81A512ECF936E31BA017875B
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:wOFFOTTO...................................CFF .......'....*T.5GDEF............*.*.GPOS...4..A}.....d.GSUB...........9|..OS/2...|...V...`].l.cmap...........RT.cvhead.......6...6*..Bhhea...T... ...$...thmtx...X..........V.maxp...t..........P.name...........;....post...t....... ...2......L.ZX.2_.<..........B...........4..................x.c`d``.........&.%.O.EP..^.......P.....x.c`f.........).....B3.1.1*100q3.031.1...............o&f..z.'..0.(00L..1y..d..r..#i....x...r.F.E....L...qQ...a..O.......C.....NB...?...A...J.....7..|.....=\..^._*...~P>...|.........O.....~R...^.....+.w..pg....+..pEy.....~.._)..r.P>.-.'...7*....U+.....7....p...'.C..+..|..nO.(.....Ar:...d....]W.5..iT...en.I..^&%..1.`.Y.{*...RP....~.....\i....W.<..M..J......~<+;..k..L.n........Q.d.-..iV.\S...z.#.f[..o.ExH..|.!&.!&'..%=...^..Qq.S...t!..Oy..Q..p...LXa..y......S..^.!...Z.f..I.(=..!.T.....,..{..x...r..<?'........I.s-.<2.....UoGUO....`e..,..d.Ho..........Op..Y'.cK...Mx.G.xX....`.....w.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00000d

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:Web Open Font Format, CFF, length 55672, version 0.0
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):55672
                                                                                                                                                                                                          Entropy (8bit):7.99177392657553
                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                          SSDEEP:1536:hynrwsvx0C2DJkoGtnVF/gBikYVQGtZE9bw6g:gvx0C2DKooV9FTZE9b0
                                                                                                                                                                                                          MD5:04F8526527253346D793008EA8590C5C
                                                                                                                                                                                                          SHA1:CA301ED4559FEC081BA2CE4014734F5EADAA7361
                                                                                                                                                                                                          SHA-256:3EBBCD0A4043F8D291103EBF9B526EF8311A8F5C3525AF83DF586F30F9B32F4C
                                                                                                                                                                                                          SHA-512:F1FA31CA09BC649AC81ACE4C7E5094D09C79D6AA382826FAB7DF3B455E113108180A1DA84E5DE05023970F4FF606EE6C74812AB9C068B037511FC9235D04AF03
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:wOFFOTTO...x................................CFF .......{.......cGDEF............*.*.GPOS......9....<S<..GSUB...4........9|..OS/2...|...V...`[.k.cmap...........RT.cvhead.......6...6)..>hhea...T... ...$....hmtx..............maxp...t..........P.name...........MD.}.post........... ...2......L...=_.<..........B...........U..................x.c`d``..........]8..EP..^.......P.....x.c`fjf....................e.....X....X.r..H........7....=.....U...&.....)..n....x..x.....F.E..03..W.ff,......K.8...N..HQ..l!.nuI...V......D5.....q..m|.......#..p..._...l|..q..%...3.......3.x2..8..F...........<.}b|./.O.......qQ.........r...E,.../.?.}m|..>.M.|....\`...8.|..,.-.g.....a.3..8....4l.~..b..I..~H....iS..9..S^.3....T...P.#...=.q..y..M.V.....H..3.~[.r.^...$..W.~.EQ....}.{...^*.y.i.)X....o.......;..K8s.Y.M..GJAKJI..5............Z..}l......Z\AC.c.=...1>... %..Y..i).c..y.R2.....Xe!.:pK...z..,..xI.{..o.+T:c}..l..S{.ve...............J.:.^.....V{jX.i.!Z.z.....A.z.h....y...

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00000e

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):134597
                                                                                                                                                                                                          Entropy (8bit):5.836641103005388
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:A6ZPsROeREN3pnqPjuZUPAjfkK5wTYlJkFuW6AUyh1E7slw90dI0DZ2W9u3frAod:JPsQeRE5pqbZFuW63EGj0XQ3TAhmB
                                                                                                                                                                                                          MD5:263D6854FEDAD9A8786A6EF0B4E4A17E
                                                                                                                                                                                                          SHA1:C785370539F04E145B2654012FB239BB13B876C1
                                                                                                                                                                                                          SHA-256:C9C97A443E09F3EB398FC6E958D8F24C88D85FCC68017B1FB8D40C766EA425FD
                                                                                                                                                                                                          SHA-512:03850F93F9AB207D7A417948EB40C1402E3AAAD4B58E923C5332E7DD7D1F57CC8B52E07694D87C853C0AD5FAC9A1697461F22E210503DF9607FF836DD7B844B6
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:<svg width="54" height="13" viewBox="0 0 54 13" fill="none" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">.<rect width="54" height="13" fill="url(#pattern0)"/>.<defs>.<pattern id="pattern0" patternContentUnits="objectBoundingBox" width="1" height="1">.<use xlink:href="#image0_501_2684" transform="matrix(0.00067089 0 0 0.00281635 -0.178405 -1.97834)"/>.</pattern>.<image id="image0_501_2684" width="2012" height="1508" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB9wAAAXkCAYAAACIcHBlAAAACXBIWXMAABYlAAAWJQFJUiTwAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAYhuSURBVHgB7N0JvGVVfSf6/9rn3KnmuQoKKJAZZBBRQIlWHFAalclb0RANKhSKkoS0nU53v/7k+nl5n3TnvZekY3cSSWJ8sdPpR3WGT+zEtk2U7pjBJCqiiIhgMVRRVEGNd75n79XrVGFiGweGurfu8P3Cueecfe49Zw9rr31q//ZaKwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00000f

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x2160, components 3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):283555
                                                                                                                                                                                                          Entropy (8bit):7.7925810252662115
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6144:/LchEVc7hRYnBKJUp4L8bKd7bij1/Ghf79WY9:6EV9BUU/2d/ijJGhf7N
                                                                                                                                                                                                          MD5:1E8577FAF290C64DBBA7D4A9C43F34CE
                                                                                                                                                                                                          SHA1:1D09B842B15E59908E810CF361E82749AA20B8D6
                                                                                                                                                                                                          SHA-256:7F147B5C47A4CE283D8AE5D0675E2D02A5EE1541083706BE611BFFC58E27DEBC
                                                                                                                                                                                                          SHA-512:2598D9E7CC5061396EA01B88C7C00AB53F39B7A7DAB68AAAFABA6B538DE56BA981FEACDA0319497833244AE98F4C83801DF3E997317125D137ABC094A669AC7B
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:......JFIF......................................................................................................................................................p..........................................................T."...`.....X..Ye.*.J%...@..T.(.....,.J..(.*P........X.,......@....T(S......@.RY@...%....K8.....J.D..XY`....%%...K..%..J.(J..b."......*P....X,....&9.XP...f@...AB../......%K,.........V.%.@......JB...*X.....),(.P..e...@....IR..e..,P..@...D....&Qe.......T.(..Tuwd...P......J....[K..8@...@..E.....X...,,.*(K..K.K.,Y@J..PJ%..(........(.P........J.d.P--U........(P.,.QQ@.....KV.!8@....e.X..H...%....YBP.,..%J..%J.A)*(.........K.......@.....(.YeR..P.e.n~.N..... .,.IK,...P.UZ!.......T..H..R.........JJ.,...RRPJ....J....@.,."...P..VY@.YR...,,(...V...:{,.`(*Y`.T.eX.,...Aq.h.#.....H.......X......J%.E...Q(......P..J...l),....b...@,..RY@*P.J.U...m(,.(......P...X..(..$@.-T".x..".%..T..JK.....(...E.P..)*Q(....P.......(A*...Qe.P..Qa@X..U.*.2.h..Jz........X....I....a......B,....@.)...

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000010

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65450)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):225445
                                                                                                                                                                                                          Entropy (8bit):5.378711341053158
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:yhwvwV82wOdix0bgz6Fk7YLUaLdmBRDYH:yhwvwUOExEQokbasbDYH
                                                                                                                                                                                                          MD5:645FC548E91F44AA4E1226EE86502370
                                                                                                                                                                                                          SHA1:E4075A2E73B3AB050D85F985847E5DB554B3B2C2
                                                                                                                                                                                                          SHA-256:6265CA724F73E24568A94C7EA752B44E491C10231BFC8E80E86CD3F02EAB2E71
                                                                                                                                                                                                          SHA-512:F6E58EFE8E5B084703B995C644C4D530F4955909DDBBB23E21F8939DD6C8D57C82A62E249561D4B1CDCDEFDCB42C1747CC166145A936A928C59CC53B51E23BDE
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:/*! For license information please see modules.ad6500eebe72fe1c39dd.js.LICENSE.txt */.!function(){var e={4788:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});const r=Object.freeze({IDENTIFY_USER:"identify_user",AUTOTAG_RECORDING:"autotag_recording",TAG_RECORDING:"tag_recording",HEATMAP_HELO:"heatmap_helo",RECORDING_HELO:"recording_helo",REPORT_USER_ID:"report_user_id",MUTATION:"mutation",MOUSE_CLICK:"mouse_click",INPUT_CHOICE_CHANGE:"input_choice_change",KEY_PRESS:"key_press",MOUSE_MOVE:"mouse_move",RELATIVE_MOUSE_MOVE:"relative_mouse_move",CLIPBOARD:"clipboard",PAGE_VISIBILITY:"page_visibility",SCROLL_REACH:"scroll_reach",SCROLL:"scroll",SELECT_CHANGE:"select_change",VIEWPORT_RESIZE:"viewport_resize",SCRIPT_PERFORMANCE:"script_performance",REPORT_CONTENT:"report_content",INSERTED_RULE:"inserted_rule",DELETED_RULE:"deleted_rule"})},6939:function(e,t,n){"use strict";n.d(t,{f:function(){return f},W:function(){return g}});const r=Object.freeze({LIVE:"LIVE",REVIEW_WEBAPP:"REVI

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000011

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):27345
                                                                                                                                                                                                          Entropy (8bit):5.24905475138269
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:dN+U897o0wh+E425S5zMrPbIFQvtGava1rx4hCbeKkevF3:dN+U897o0wh+E425S5zMrPbIFQv4Sqr5
                                                                                                                                                                                                          MD5:183ADEF418CFCAC3919538D9ABC9AA91
                                                                                                                                                                                                          SHA1:278FC89727946E6B860B253A6CFB28CC2E07CFFD
                                                                                                                                                                                                          SHA-256:0504371CDF41E78C944F76FA3E7D145913D00157C9CA2DD5DAC12EFCEF78331C
                                                                                                                                                                                                          SHA-512:A9B42B8A9BF484845178174904A4AFB092F4FA6540C8EAF693E0ACF5C974872EE19BEC91D6127DC4AC3F07515C34C02752FEDA83B96565E203DCB3AA566E3F6D
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"data":{"id":5,"order":24,"key":"gx-corner-videos","publishOn":"both","shuffle":false,"countries":[],"excludeCountries":[],"createdAt":"2023-08-25T13:24:41.885Z","updatedAt":"2024-03-29T11:14:09.915Z","publishedAt":"2023-08-25T13:25:04.846Z","notifyDate":null,"hideTitle":null,"debug":null,"design":"both","sectionType":[{"__component":"sections.trailer-section","id":1,"trailers":[{"id":1762,"trailer":"{\"url\":\"https://youtu.be/FgDYQ3MVsLE\",\"title\":\"The Mind-Blowing Creations of Hideo Kojima\",\"thumbnail\":\"https://i.ytimg.com/vi/FgDYQ3MVsLE/hqdefault.jpg\",\"mime\":\"video/youtube\",\"rawData\":{\"title\":\"The Mind-Blowing Creations of Hideo Kojima\",\"author_name\":\"Opera GX\",\"author_url\":\"https://www.youtube.com/@OperaGXOfficial\",\"type\":\"video\",\"height\":113,\"width\":200,\"version\":\"1.0\",\"provider_name\":\"YouTube\",\"provider_url\":\"https://www.youtube.com/\",\"thumbnail_height\":360,\"thumbnail_width\":480,\"thumbnail_url\":\"https://i.ytimg.com/vi/FgDYQ3M

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000012

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):66786
                                                                                                                                                                                                          Entropy (8bit):5.256787707031287
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:c5+cGw/5f5vfaH8x77vtGg7iCMmKSzBjYhj+9r1IgtDxeyPb5aTS+7GYGALBJ5cE:gfRfJMWtDx4
                                                                                                                                                                                                          MD5:067383EDDB64CDA7E25E5FCD91D96C6E
                                                                                                                                                                                                          SHA1:756A5CC020D3E0295C3E5203AC1092247FF1466B
                                                                                                                                                                                                          SHA-256:3A77E980102F32CB0ABB77036078684BFCDCCE9BA01EE343A4A1B245E4D7E556
                                                                                                                                                                                                          SHA-512:56E57CF4CE94F78798420A2F6BCAA4494A0329A5033510939326CA2C76ADC001F5192931F2619A4C3CAB8386341927EF600CEE4C8325F433BA32F283D1AD838D
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"data":{"id":3,"order":27,"key":"gx-corner-trailers","publishOn":"both","shuffle":false,"countries":[],"excludeCountries":[],"createdAt":"2023-08-25T12:02:56.236Z","updatedAt":"2024-03-29T15:45:12.075Z","publishedAt":"2023-08-25T12:02:58.508Z","notifyDate":"2023-11-09T15:00:00.000Z","hideTitle":null,"debug":null,"design":"both","sectionType":[{"__component":"sections.trailer-section","id":2,"trailers":[{"id":1792,"trailer":"{\"url\":\"https://www.youtube.com/watch?v=Pzgopn35Gdk&t=35s\",\"title\":\"Maniac - Launch Trailer\",\"thumbnail\":\"https://i.ytimg.com/vi/Pzgopn35Gdk/hqdefault.jpg\",\"mime\":\"video/youtube\",\"rawData\":{\"title\":\"Maniac - Launch Trailer\",\"author_name\":\"Transhuman Design\",\"author_url\":\"https://www.youtube.com/@TranshumanDesign\",\"type\":\"video\",\"height\":113,\"width\":200,\"version\":\"1.0\",\"provider_name\":\"YouTube\",\"provider_url\":\"https://www.youtube.com/\",\"thumbnail_height\":360,\"thumbnail_width\":480,\"thumbnail_url\":\"https://i.yti

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000013

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):34076
                                                                                                                                                                                                          Entropy (8bit):5.288711600282534
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:9IC0lzJ8n2ED9Mf1gjtCeijvcb3095vO0JTzQUVA9+GGff:9IXzJ8nH+fNeacbEvzTzQU+9+Gif
                                                                                                                                                                                                          MD5:01BC5D63FB3DECE27116BB520C2F6DEA
                                                                                                                                                                                                          SHA1:A699E6EC5AE2782C99CE45924C0CF47F5ACEC777
                                                                                                                                                                                                          SHA-256:CB693F0A8F5A3907175AB18582220296B0DA568BAB242BE9B37A5F8F2474BDA0
                                                                                                                                                                                                          SHA-512:1689106225AB144D6469461310B72E3B079CE6ABDBB59878F117E4108C27AAA13AF24D511B3DFBD1BF77BCAB6D2AD7B9EE490BFAFDEBDA5F7ECC475AF2A193A8
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"data":{"id":8,"key":"gx-corner-upcoming","shuffle":true,"sectionType":[{"__component":"sections.deals","id":2,"filterBy":"platforms","badge":"genre","popUp":true,"tile":"regular","tagType":null,"globalTag":null,"games":[{"order":31,"id":446,"url":null,"game":{"id":1327,"title":"Terminator: Survivors","website":"https://store.steampowered.com/app/2617340/Terminator_Survivors/","imageOrigin":"https://www.igdb.com/games/terminator-survivors","releaseDate":"2024-10-24T00:00:00.000Z","rating":null,"genres":[{"id":1,"name":"Action","localizations":[]},{"id":2,"name":"Adventure","localizations":[]},{"id":26,"name":"Survival","localizations":[]},{"id":28,"name":"Open world","localizations":[]}],"platforms":[{"id":9,"name":"Windows","icon":{"id":123,"url":"https://proxy.gxcorner.games/resizer/assets/obraz_2023_08_21_154708998_8ba128313e.png"}},{"id":6,"name":"Playstation","icon":{"id":120,"url":"https://proxy.gxcorner.games/resizer/assets/obraz_2023_08_21_154553319_59d8559097.png"}},{"id":10,

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000014

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (46429), with no line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):46430
                                                                                                                                                                                                          Entropy (8bit):5.303853365298302
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:OaOFhhR5OIahpjfRys3LzQR04TYYyDMOWPKQ:OaOFnRqDRtzQ64IfWiQ
                                                                                                                                                                                                          MD5:72BCA04FD669EB89FC65D59052D0FC00
                                                                                                                                                                                                          SHA1:27E60AEF86F0CB1B2F6B6ED9DF9A4E3BA88EFD21
                                                                                                                                                                                                          SHA-256:823804A7807864B44093A3843788F4CD076E89CF4A6FDEB8D153AE5C2C2DF721
                                                                                                                                                                                                          SHA-512:56058E4C927563CA37DEC4979AF28A415EA3042A389C0BA22738C76D39131317A703A38A95EAB9D913F116F7C2D1DA62A0A87750F47DECA2DDB3447D64303B12
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"||o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",regex:/^\d{4}-\d{2}-\d{2}$/,error:"{p} value must be in YYYY-MM-DD date

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000015

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (22644)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):126185
                                                                                                                                                                                                          Entropy (8bit):5.2840701881480125
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:DBKvA9/BxPCqH+/UQzVqSpXUK0EbuY7f2/X/eY:D7QESpXUK0EbuY7sXT
                                                                                                                                                                                                          MD5:FE9F1F0FF513C519198BAC39FAF30BC9
                                                                                                                                                                                                          SHA1:69B52E582BA19093697935301FE5A6EC96092307
                                                                                                                                                                                                          SHA-256:0A95F5AC572DE9D9DFD32FBFAA58C872067E3BE9FAA594BD85462028C3156470
                                                                                                                                                                                                          SHA-512:D3F4A032F3B29E85D4C704183A3377C48E0A60F386D5AB78182056749EB7F30408C9B220A183652525ECBD220927EB3797FC134C958AF3FCA753BBDC11C5F68C
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:(function(){"use strict";try{self["workbox:core:7.0.0"]&&_()}catch{}const Xa=null,vs=(t,...e)=>{let n=t;return e.length>0&&(n+=` :: ${JSON.stringify(e)}`),n};class M extends Error{constructor(e,n){const r=vs(e,n);super(r),this.name=e,this.details=n}}const er=new Set;function Es(t){er.add(t)}const re={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:typeof registration<"u"?registration.scope:""},Yt=t=>[re.prefix,t,re.suffix].filter(e=>e&&e.length>0).join("-"),xs=t=>{for(const e of Object.keys(re))t(e)},We={updateDetails:t=>{xs(e=>{typeof t[e]=="string"&&(re[e]=t[e])})},getGoogleAnalyticsName:t=>t||Yt(re.googleAnalytics),getPrecacheName:t=>t||Yt(re.precache),getPrefix:()=>re.prefix,getRuntimeName:t=>t||Yt(re.runtime),getSuffix:()=>re.suffix};function tr(t,e){const n=new URL(t);for(const r of e)n.searchParams.delete(r);return n.href}async function Ss(t,e,n,r){const s=tr(e.url,n);if(e.url===s)return t.match(e,r);const i=Object.assign(Object

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000016

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):19701
                                                                                                                                                                                                          Entropy (8bit):7.973255823764334
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:384:biAWCmZQe2V/ILPGDH13ufLUFRACRMU6LYRJHXK96dw:FaL2VADGx3uzAAuF6Lj6dw
                                                                                                                                                                                                          MD5:D72CDA1BCB01856F53AB901B70917BA6
                                                                                                                                                                                                          SHA1:C0A9FFA00433A04FCEA1D655AE02B25F5039FE56
                                                                                                                                                                                                          SHA-256:9FACE54CA63E996D2169BDA0C4B9A90353B140FC800AEEDE8B48696C4F64F471
                                                                                                                                                                                                          SHA-512:13743EB949B90BDA73B6271B93D2417982632442DE132ECDE5D6124F4BB9916576E0F49163B6846BBDED2420689528849B46B6678CD941BC9AEBAF9E0570F93D
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR.............R.l...L.IDATx.....1.D..Ys.....J.S..{..nX..h.{...@.H.*..Y.S.k~..y{'.YU.>..g.zvW.......0..V.i.g]...w-.]1.2P...?t.............W....g...%Y.peU....c[k..5...m[...vW.3s#......;.]g...A...""G$.HNU.941^B>..jX.h'CC]2.....Q...6.1V.../9.1Ke...=d..H..B.0.KT.M.j....0...-S..s...Y<w.l6.........i.BB<.....X..^Nv.M..d77..U.x...t....a..*..1.1.D7(..+.... ..qT#.Mu.z.e..g]|.dQ.p.b.:...Hz"H.P..z .......Cz|....[....~.G.eC.."l.&lDc....-....".K44.c...b.......'..[..F=A. T..]...0...Di..H..v...S..5.hg.K...t.N....w... ...&=]._..{.........l..c. ..YU`...y.WSQ$<.^....*...-..N.6i.....]p....h...........,u.@...C,.#..r!..p.._not.L....`l.t.P...w#.S.lx.,.i..Y.......k......x=.....DoG!.. ..".q..@.IM.g.M....y.A.r.@...bH.B...[..#e.W._....^J.R.t{.....+ ..08V6....x...lhn..)+..l.R.A......U.y.....p.9...}..tz4... ...E.C./?......nLw.Lqn$....DU.PC~.U.b.c..1.C..."...(o..kT...+...0.N.c.f...-L....7..!..{..._.t.t.h...P.B.o.:...%....o..G.................>.HE.g..6..6_

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000017

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):51779
                                                                                                                                                                                                          Entropy (8bit):5.337745061554449
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:W1aGo6wCE3mFl4WMmcwqW/d5OUo00pDSsRtzxSunThVK:Dtd9hQ
                                                                                                                                                                                                          MD5:67CFF6DB3C62C9A78691EAA28D7C9E37
                                                                                                                                                                                                          SHA1:9702228C44E5FEFB0AD99235E1F72A9553506A2A
                                                                                                                                                                                                          SHA-256:B70E17C4E92A0C04DB6BC92FE82C1CECFA3D7742CDFC89ECA498E328AC7CD1D0
                                                                                                                                                                                                          SHA-512:3C1D1BA5F3350D535C36012A5566C0EB95767F241A5B6248C524F4CAED92A58C34C0DFF65ED26F23653B330388A5421CEEDF1C6BCEA6A1C8F647C7ADE169A8A7
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"data":{"id":14,"key":"gx-corner-free","shuffle":false,"sectionType":[{"__component":"sections.free-games","filterBy":"platforms","tag":"horizontalAndSub","tile":"regular","globalTag":{"id":6,"name":"FREE","color":"#b81124"},"globalSubTag":null,"popUp":true,"badge":"store","games":[{"id":216,"order":1,"publishedAt":"2024-03-28T15:50:00.012Z","game":{"id":1429,"title":"Islets","website":"https://store.steampowered.com/app/1669420/Islets/","imageOrigin":"https://www.igdb.com/games/islets","releaseDate":null,"rating":81,"genres":[{"id":2,"name":"Adventure","localizations":[]},{"id":57,"name":"Metroidvania","localizations":[]},{"id":16,"name":"Platformer","localizations":[]}],"platforms":[{"id":9,"name":"Windows","icon":{"id":123,"url":"https://proxy.gxcorner.games/resizer/assets/obraz_2023_08_21_154708998_8ba128313e.png"}},{"id":10,"name":"Xbox","icon":{"id":124,"url":"https://proxy.gxcorner.games/resizer/assets/obraz_2023_08_21_154736126_5b54cab834.png"}},{"id":7,"name":"Switch","icon":

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000018

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (16407)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):16408
                                                                                                                                                                                                          Entropy (8bit):5.909998053301081
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:192:Aq3g0E5Tz5TUPbaEMpPbaEMYmbEXnMxxakyFNtKLuqVJttxDx0hbA:L3gR5f5AmhmF4K4kyFnuX/
                                                                                                                                                                                                          MD5:8F088FF9EE5D46C1FCD3BA3DD2C7DB02
                                                                                                                                                                                                          SHA1:E5E544458BF173FF85B92A06BDCCEEA4A95B0D71
                                                                                                                                                                                                          SHA-256:75778581A1075C0E377F170167C582094C9D99CC8C013AA2007CEAC957A00399
                                                                                                                                                                                                          SHA-512:B5793DD6ED3C22AD53E6AC47808E0B019B8E033B0DB3EBEDA493DB45FC1230360BACA395133E2718115166779901944AFA76C7580AA45EFF285F1A981593A0B5
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.link.svelte-13hojts{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAcCAYAAAByDd+UAAAACXBIWXMAAAsTAAALEwEAmpwYAAAFGmlUWHRYTUw6Y29tLmFkb2JlLnhtcAAAAAAAPD94cGFja2V0IGJlZ2luPSLvu78iIGlkPSJXNU0wTXBDZWhpSHpyZVN6TlRjemtjOWQiPz4gPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iQWRvYmUgWE1QIENvcmUgNS42LWMxNDggNzkuMTY0MDM2LCAyMDE5LzA4LzEzLTAxOjA2OjU3ICAgICAgICAiPiA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPiA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIgeG1sbnM6cGhvdG9zaG9wPSJodHRwOi8vbnMuYWRvYmUuY29tL3Bob3Rvc2hvcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RFdnQ9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZUV2ZW50IyIgeG1wOkNyZWF0b3JUb29sPSJBZG9iZSBQaG90b3Nob3AgMjEuMSAoTWFjaW50b3NoKSIgeG1wOkNyZWF0ZURhdGU9IjIwMjAtMDMtMDlUMTc6MTk6NTcrMDE6MDAiIHhtcDpNb2RpZnlEYXRlPSIy

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000019

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):47661
                                                                                                                                                                                                          Entropy (8bit):5.327718495226229
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:OSb3095ftBjtCw0yQUUeYvsk0ucNUk6/g0rgAv2bbm90jcqi9ysw7ae3YG0ZQ9Et:OSbEft3mUUeYvsk0XNUk63gAv4zc7w7W
                                                                                                                                                                                                          MD5:2188A58A16B2F6DF124BAD4233CB6256
                                                                                                                                                                                                          SHA1:6B0D2BC4EDFA662067E8C8928A33176B361C9B71
                                                                                                                                                                                                          SHA-256:3134131897B5ED9B45D64F9E1CADF57DB88CEA8125BEFF9B03FFBD4C402486A7
                                                                                                                                                                                                          SHA-512:84B022039248C7E611E0CE4A8B095B3F80CAFC0BB86F743CAA68DBCC861AF7978E0788DA78F99F15863EECA319C6A797803B786E7424DE90BD0C85B26D03570C
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"data":{"id":10,"key":"gx-corner-top-april","shuffle":true,"sectionType":[{"__component":"sections.deals","id":4,"filterBy":"platforms","badge":"genre","popUp":true,"tile":"regular","tagType":null,"globalTag":null,"games":[{"order":1,"id":479,"url":"https://store.steampowered.com/app/1733240/Phantom_Fury/","game":{"id":1373,"title":"Phantom Fury","website":"https://store.steampowered.com/app/1733240/Phantom_Fury/","imageOrigin":"https://www.igdb.com/games/phantom-fury","releaseDate":"2024-04-23T00:00:00.000Z","rating":null,"genres":[{"id":1,"name":"Action","localizations":[]},{"id":2,"name":"Adventure","localizations":[]},{"id":22,"name":"Shooter","localizations":[]}],"platforms":[{"id":9,"name":"Windows","icon":{"id":123,"url":"https://proxy.gxcorner.games/resizer/assets/obraz_2023_08_21_154708998_8ba128313e.png"}},{"id":6,"name":"Playstation","icon":{"id":120,"url":"https://proxy.gxcorner.games/resizer/assets/obraz_2023_08_21_154553319_59d8559097.png"}},{"id":10,"name":"Xbox","icon"

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00001a

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):116276
                                                                                                                                                                                                          Entropy (8bit):5.353899176843121
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:CYHgLADrKm6KluRvspTTumz1dv9R7v7FEpMSi4eortzKtwy6pt8S7a/dSjKke8G8:8EpFMD3gyP1
                                                                                                                                                                                                          MD5:7A5C316861A951EFEBA06DECFF20C59C
                                                                                                                                                                                                          SHA1:1A76A07EEFBCE8A0E4BD092CF9B1696EAC8C7F21
                                                                                                                                                                                                          SHA-256:641B3D4BF69D298E85E50637672EB58AE90FB50EC06459194EEE9887A1774EB5
                                                                                                                                                                                                          SHA-512:3638DF6A72526565716EFABF24B3D2AA1919058A0D2E6A6FBDDDC7B71A0B7A52D1A6F54A5CDA7B237709B409D716DFBC2F3E17F86BA26251305009B292EA1B97
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"data":{"id":88,"key":"gx-corner-daily","sectionType":[{"__component":"sections.daily-section","id":1,"topCommunity":[],"items":[{"id":214,"key":"daily-meme-graphics-upgrade","visible":true,"publishedAt":"2024-03-09T06:00:00.000Z","dailyType":"daily.daily-meme","title":"Graphics upgrade [meme]","category":null,"description":null,"locale":null,"label":null,"reactions":[{"id":46,"name":"Rambit 4K","emoticon":"https://proxy.gxcorner.games/resizer/assets/operagx_4k_b99dd2a3f0.png","count":462},{"id":25,"name":"Aura LOL","emoticon":"https://proxy.gxcorner.games/resizer/assets/gx_Aura_Kek_825b2826b1.png","count":3433},{"id":62,"name":"Rambit Monka","emoticon":"https://proxy.gxcorner.games/resizer/assets/operagx_monka_4cb62c8907.png","count":508}],"backgroundImage":null,"image":"https://proxy.gxcorner.games/resizer/assets/download_194af154d0.png","video":null},{"id":221,"key":"daily-cowboy-bebob-overwatch","visible":true,"publishedAt":"2024-03-09T14:00:00.000Z","dailyType":"daily.daily-regul

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00001b

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):69385
                                                                                                                                                                                                          Entropy (8bit):5.276789500895045
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:384:PAglUnYBklCvKr1XicZuyS3IUM1tZfLdt1/obYz+DZL6FtEoHBKwBbHjOsTPOTOb:3Kr1X9S3TMbDobL6FTXxW+ozLEsbhG
                                                                                                                                                                                                          MD5:AB8EBF636E729F8FCE0A9DC9D0C66953
                                                                                                                                                                                                          SHA1:728BF004E25D1A22DA9647B441829B5A01835AFE
                                                                                                                                                                                                          SHA-256:EDB16AC11F09CAB4FC7A5383B9FAF0A09256D3886AD6A9E5B92931A6005C9896
                                                                                                                                                                                                          SHA-512:21C1F218A3B06541B1930B40D5E29F790F74D0DD3B60A3FCCCD38EE86732C40B16D5F59F4B4DBE228D9435D3BC81E0D3959BDA9BE87BC0C21F01578B05BA06E3
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"layout":"category_grid","news":[{"article_id":"9aa4b37391115a32d74c16db33982592822a9b30","display_url":"https://www.esquire.com/entertainment/movies/a60341611/jordan-peele-us-anniversary-restrospective/","image":"https://discover.operacdn.com/assets/tn/l/mq/9aa4b37391115a32d74c16db33982592822a9b30","publisher_domain":"www.esquire.com","publisher_favicon":"https://sd-images.operacdn.com/api/v1/images/aacb366c74913d44dc504e9eee1232dc62f9ff1b.png","publisher_name":"Esquire: Entertainment","real_url":"https://www.esquire.com/entertainment/movies/a60341611/jordan-peele-us-anniversary-restrospective/","size":[1,1],"template":"default","title":"Jordan Peele's Us Is Still Scary\u2014and Relevant\u2014as Heck"},{"article_id":"3cd91f5d8f6cbd11bbe0d591c4d4545ab208be56","display_url":"https://www.eonline.com/news/1398427/breaking-down-beyonces-cowboy-carter-grammys-critics-and-a-nod-to-becky?cmpid=rss-syndicate-genericrss-us-top_stories","image":"https://discover.operacdn.com/assets/tn/l/mq/3cd9

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00001c

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (24210)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):24211
                                                                                                                                                                                                          Entropy (8bit):5.408789306435823
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:384:dgO9rOYFAdaC/G/Fzl9A9SdP9iuFuh1ADYzHOZu1x8+tX6Q+HVqQsTx5+u9TJK2W:dgO9rOYFYhaFzl9A9SdP9jchuDY7OZuw
                                                                                                                                                                                                          MD5:F007061B725432B941E177A1C70E3A22
                                                                                                                                                                                                          SHA1:2F8F8F890F43D4CBB4021D64F11174C1DFA9BF0D
                                                                                                                                                                                                          SHA-256:6CF8F6EE951BFFFB675952645EEF32256AAB3585F62449E98FA9E3823C9503DB
                                                                                                                                                                                                          SHA-512:4EF7229D64A96FAE32B829306DB40C08D87C4E0B77FAFBB29B8BBD2D9267FB70C588B71E704CB5E6424400407424EB93792154B37666713BF7360FE975C5EE8F
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:import{S as X,e as x,f as ee,G as z,H as y,t as u,l as m,I,R as b,Y as k,$ as U,x as $,A as w,C as Oe,a2 as O,a3 as ve,y as F,z as M,a1 as _e,L as R,M as N,a0 as v,a9 as K,af as le,aa as ie,a8 as ne,U as te,Z as Re,_ as re,ad as Ne,aq as ge,ag as $e,D as J,J as se,K as ae,aj as we,E as Ye,Q as Ze,a6 as Je,a7 as Ke,v as Ve}from"./vendor-rii-AV_l.js";import{O as fe,R as Qe,T as Xe,U as xe,V as de,X as et,c as tt,Y as He,Z as pe,_ as je,$ as lt,a0 as it,a1 as Te,a2 as nt,a3 as rt,H as Se,a4 as be,a5 as st,A as at,B as ft,a6 as Ge,a7 as Ue,W as ot,a8 as ut}from"./App-CxTZVnef.js";import{B as We}from"./Badges-CuIfQk-d.js";import"./index-DtMr64Oc.js";import"./index-DQE_taSP.js";import"./strings-D9eBrPdG.js";(function(){try{var n=typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{},e=new Error().stack;e&&(n._sentryDebugIds=n._sentryDebugIds||{},n._sentryDebugIds[e]="25840fc6-f5d9-40ab-b59e-5dabb7927ecb",n._sentryDebugIdIdentifier="sentry-dbid-25840fc6-f5d9-40ab-b59e-5dabb

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00001d

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):250079
                                                                                                                                                                                                          Entropy (8bit):5.379307520624104
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:ScanThWIBOOjer1IQOyLJbaCR6pjwSpF6JR/tJh+8Nrc0QpEWH4iLzdeKty1Raxn:DRknxj4aZQ6m2iyytgJpQszD
                                                                                                                                                                                                          MD5:35BC070C957A5BCC193C9326C1F66D59
                                                                                                                                                                                                          SHA1:4EB7DEDB0CB5216E1181D5187168C1756D407D8A
                                                                                                                                                                                                          SHA-256:7D84DE8AD5B4A038E6D81185B3796ADD562166870E94223A246ADD964FC8AA86
                                                                                                                                                                                                          SHA-512:C8B5EB549EE2DD92CB6D810903D20C018DCB96361C8935ABBF219DB0C330793DD4EA790E2141E678E996AD94E38B2193DF7FC3CD4DA3A1E69A9BE517B23A8C6D
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"data":{"id":1,"key":"gx-corner-release-calendar","sectionType":[{"__component":"sections.calendar-section","id":3,"games":[{"id":400,"url":null,"hideCta":false,"release":"2024-03-09T00:00:00.000Z","hotGame":false,"onlyMobile":false,"platforms":[],"cta":{"id":35,"label":"On Steam","locale":"en","localizations":[]},"ctaExpired":null,"tag":{"id":16,"name":"DEMO","color":"#0a9574"},"game":{"id":1284,"title":"United Penguin Kingdom","website":"https://store.steampowered.com/app/2635350/United_Penguin_Kingdom/","imageOrigin":"https://www.igdb.com/games/united-penguin-kingdom","releaseDate":"2024-03-09T00:00:00.000Z","genres":[{"id":25,"name":"Strategy","localizations":[]},{"id":176,"name":"City Builder","localizations":[]},{"id":26,"name":"Survival","localizations":[]}],"platforms":[{"id":9,"name":"Windows","icon":{"id":123,"url":"https://proxy.gxcorner.games/resizer/assets/obraz_2023_08_21_154708998_8ba128313e.png"}}],"imageCoverVertical":{"id":8057,"url":"https://proxy.gxcorner.games/res

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00001e

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (61212), with CRLF line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):61309
                                                                                                                                                                                                          Entropy (8bit):5.352009200867432
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:lxjLZeJ7PoxWPPXlBQU/VOxfeTEe3DLcQKJQSf5cqFXqf5Rm3gOYaTUYkfF:Ljo9PoxW3UckJQk5cPtSUX
                                                                                                                                                                                                          MD5:11A51F25A570C35DF4591C8CBBCC72E9
                                                                                                                                                                                                          SHA1:C2E8F0D1E72187F8A56BDE6B212A88A9CCCE6FDA
                                                                                                                                                                                                          SHA-256:5D0A9506EE0C2E64325D59451EFF05B24DF4CD07DC65F300B3BC39E28379640D
                                                                                                                                                                                                          SHA-512:1D70C0CC81A2776D7082C7C83FADBFBF3829733935CD3429CF967EB042FD0614D7048D8CA9555540986545B2C0DD2A54848CAB0C4D3081C736D52C44530AC2D6
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:/* clarity-js v0.7.26: https://github.com/microsoft/clarity (License: MIT) */..!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return Ya},get start(){return Xa},get stop(){return qa},get track(){return La}}),e=Object.freeze({__proto__:null,get clone(){return sr},get compute(){return lr},get data(){return er},get keys(){return nr},get reset(){return dr},get start(){return ur},get stop(){return hr},get trigger(){return cr},get update(){return fr}}),n=Object.freeze({__proto__:null,get check(){return yr},get compute(){return kr},get data(){return tr},get start(){return br},get stop(){return Er},get trigger(){return wr}}),a=Object.freeze({__proto__:null,get compute(){return Tr},get data(){return Or},get log(){return Mr},get reset(){return _r},get start(){return Nr},get stop(){return xr},get updates(){return Sr}}),r=Object.freeze({__proto__:null,get callbacks(){return Cr},get clear(){return Wr},get consent(){return Hr},get data(){return Ir},get electron(){return Dr},

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00001f

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):85951
                                                                                                                                                                                                          Entropy (8bit):5.34135523647441
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:fCs9gI/TkfV0Wi3imf5lfEVuTG3V5j9RN:fC4rq0WsimxlfEIGFpN
                                                                                                                                                                                                          MD5:3B7EE2FE66631C3DEE312B48C763C114
                                                                                                                                                                                                          SHA1:FBD683F762D126BEF07CAB7D9665EE900B060ABB
                                                                                                                                                                                                          SHA-256:E5EF74BBB1D4467D506D261D2C94195AAC068A4BBA9877DDAA38245A523F2B4D
                                                                                                                                                                                                          SHA-512:D4EE53747DEA46057D78E9590ADBABB5B8E1837C0A0DF804DB95C126FC93DE3A651DC9AD901150940CCDD1462DDECA1F5F98EE28B30E31869AFB5582AC1324A8
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:[{"url":"https://www.blacknut.com/en/game/62d66fa9dda24019a4b01c55_248-scribble?source=operagx&ae=23","name":"248 Scribble"},{"url":"https://www.blacknut.com/en/game/6241cd00dda24073602eaf2f_7-years-from-now?source=operagx&ae=23","name":"7 Years From Now"},{"url":"https://www.blacknut.com/en/game/591b1593b25b233ecbcbeb5c_a-new-beginning?source=operagx&ae=23","name":"A New Beginning"},{"url":"https://www.blacknut.com/en/game/5e4e9f99dda2403b883067f1_aer-memories-of-old?source=operagx&ae=23","name":"AER: Memories of Old"},{"url":"https://www.blacknut.com/en/game/60461dd4dda2400c8a96b5e3_ao-tennis-2?source=operagx&ae=23","name":"AO Tennis 2"},{"url":"https://www.blacknut.com/en/game/5d09e919dda24001ea09836c_atv-drift-tricks?source=operagx&ae=23","name":"ATV Drift & tricks"},{"url":"https://www.blacknut.com/en/game/607e858cdda2405d3b364da2_avicii-invector?source=operagx&ae=23","name":"AVICII Invector"},{"url":"https://www.blacknut.com/en/game/651d3ad1dda24047297d5be5_adams-venture-chronicl

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000020

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (32781)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):33546
                                                                                                                                                                                                          Entropy (8bit):5.613741545231076
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:oBnYvZRsmp8mpQ8smpvKAsTNbHesAmuZdRRH6zq5XfBxcvy+qMyJXolSJsTLChjO:KuRsPVqjmHs5OvYsJ
                                                                                                                                                                                                          MD5:EE8BBABEAD7DE4DEB8FD2F4ED07174A4
                                                                                                                                                                                                          SHA1:4BCA2801EAC65C92127B0BE33EFFB51852556B49
                                                                                                                                                                                                          SHA-256:E5EB44CCA16322D4135FAD351AE8C14158B6F99F866E026F625BE133013DEE23
                                                                                                                                                                                                          SHA-512:E8EA7CB96B627F2482555D5CB14A8D8619240C98A25643E06BCFDA6287BF8EFCD545686147AD011BD5BC42F11B454DC4F223D118BA7AD38BA6A66870624AC2EB
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:function __vite__mapDeps(indexes) {. if (!__vite__mapDeps.viteFileDeps) {. __vite__mapDeps.viteFileDeps = ["assets/DailyMeme-DGIR51QW.js","assets/vendor-rii-AV_l.js","assets/App-CxTZVnef.js","assets/index-DtMr64Oc.js","assets/index-BRRDBs1E.css","assets/index-DQE_taSP.js","assets/strings-D9eBrPdG.js","assets/App-BVVRbkhP.css","assets/IntersectionObserver-DZG7XBCV.js","assets/DailyLayout-AjTNEUzw.js","assets/DailyLayout-DZ7n9sk7.css","assets/DailyMeme-ZC_nGymJ.css","assets/DailyRegularContent-BuVjgopR.js","assets/DailyRegularContent-D3u5Anw2.css","assets/DailyThisOrThat-vIwCIK_H.js","assets/DailyThisOrThat-DtAGpqOL.css","assets/DailyShort-CQvRSm-o.js","assets/DailyShort-B995v0Zn.css"]. }. return indexes.map((i) => __vite__mapDeps.viteFileDeps[i]).}.import{_ as ce}from"./index-DtMr64Oc.js";import{S as ne,e as se,f as ie,R as B,Y as r,aw as we,$ as M,x as j,a0 as m,N as V,A as W,aJ as b,G as A,a3 as N,H as F,U as ue,t as I,l as Z,I as P,a1 as We,v as Ee,O as Je,ab as de,a2 as Y,L as

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000021

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):18924
                                                                                                                                                                                                          Entropy (8bit):7.954790926183394
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:384:F170w3ojYf5Bs7mS5huVWj/gvFc8yW+mJ4Euj845+CoXlxgzlMM7tU:Fh+6SGkjIvFJJROo1IH7m
                                                                                                                                                                                                          MD5:D701791C2DE6331066B549DB1FDE5C8B
                                                                                                                                                                                                          SHA1:4830E44DCC36218AE04FEE4D146E33BC0B5A47EE
                                                                                                                                                                                                          SHA-256:B67238C92A11972806C94AB137878CBC1B377618435CAF8FEEC6537FB71398F8
                                                                                                                                                                                                          SHA-512:226217FD4F1941FB60EA52672C4DB0E692AC0EA92A57A6B78ADEB66C0883186A39EC547AA8D31D8D2511614889389158D5C8F4CC58A5A8189AA12771572E215E
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:......JFIF............................."'%#""#-(-(/.(20----5=PB58K9--EaEKSV[][2AemdXlPY[W.......0..0W?7?WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW......h....".......................................J........................!1A.Qaq."......2R....#B...3Sbr...$Cs..45c%D.................................(........................!1QA."a2BR..q.............?...!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... .!...B.B.... ...z.j?.(~g~.............Mq...xs.]...O.G.;...u.....Uw..[j~...C.:......(..i...g~......<..}.....3.J>..}.?..7..6...t_cm>........~..w.M.~...s.]...O.G.;......?..7..6...!tN.6..&......g.v...@N....h.e\Z.....V..P...).........9...mH....AC..EF.6..?..p"..H}..{..3.J.......B.>...?...b._....S...n^...I.&..J?...bm_....S...n^...K."......(..j...g~......4..}..{..3.J>.Z..G.;...?F.9....U....3.J>.Z..G.;...?F.9....U.....S.z.jq.R..s..J....a

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000022

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):34151
                                                                                                                                                                                                          Entropy (8bit):7.971067697267996
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:PnRSvYTKiPvA/58iIkKNVcWAtF5NXB8HjtN1kM9YV4y7Hdh8OmpVcgZtf:vRvKi3A/GiIZNVchiHlhtOkj5
                                                                                                                                                                                                          MD5:49E2B0B62F33284F880EA80E0BE89D70
                                                                                                                                                                                                          SHA1:2C69816677009496A8CDF29EFFFEB8E5AC328F32
                                                                                                                                                                                                          SHA-256:6F0C03BE954907FEF1AEAAA50F1B64A42B31066FC69B8366B843343E81666DED
                                                                                                                                                                                                          SHA-512:E0C7FE7825671DDE9DCE6313B2C46655574E24FF3CD72BA4C84C1BC74F817DB5E3BFEEC1E39480779AC3C1AA1BF9898A577F6030364759AC7FBE8280491291EC
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:......JFIF......................................................................................................................................................h....".........................................R........................!1.AQ.."a.2q....B.....#RSbr...3...CT...$.....Dt...cs...d................................9........................!1AQa..q..."2....BR.......#b%5S............?...Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..'.x+.sm...$."DJ..:.=..t..5..m..!.U.....".bi.w.J...TU..z>.p.G..`.g.z....N...}..d...%.............(.qv(]..s.....j*....z.l.le.,.7..-..eJ..G."E...~........W..]^...ygQ&s.+....W.,.......a}.....p..j.u;....q.}..[.......U..(..}..?m..e.....3...d..+m.g.w+.....e...h...z...'l.........h....`x...{.z?....\7./.OM.5..k#.........._..................2....._....a.z9-......\7

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000023

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):31169
                                                                                                                                                                                                          Entropy (8bit):7.965196413015818
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:ubeuvXBR3r1KzEFJ3JxDw5HZ0l+8jyesyve:Oe2XB55xDQ0/syve
                                                                                                                                                                                                          MD5:B3C143B38FF236A7AD6F053494B1E177
                                                                                                                                                                                                          SHA1:ECCEECF97B614FE461C19315BAB233D7A41DCE8B
                                                                                                                                                                                                          SHA-256:9DDED002A0B068C4072F96C6A615BF0A77CE2DB3390103C1DA8EC5E8017ED660
                                                                                                                                                                                                          SHA-512:E92BAFFD7747A6C811D7121CDB4C7B9B0C26A529034C2E535F76C5E4A6A8764613B21375F301FCE41EF2988D40C0EBBECC2245527C61C1B6E739E65C93B3B341
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:......JFIF......................................................................................................................................................h....".........................................c.........................!.1.."AQa.2q...#R..Bbr.......3CTUV..........$Scs...%45....Dtu...6EF....'................................<........................!1..AQaq.."2........BR..#b..$%r...............?..TQE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E.P..Q@.QE.QE..E{j.(............4.4VA+..M.....5.R|.f.j.......S+".+p./....[$...M..@|....9R.3#U......{.4......e[.>.fG5..Sx....en\...>'..r'...%QJO.8._......w=..?...=N..+..E,....'...C'..O.5>.W.Y......o..<W...W...O......W.Y<...(.y8~A.....i9;.....e=.....q:..z3.S......T...Y.ek.V...pV.;..j..G...{Q.,d..@.$c..lI..2"...'...x...5. b.&....T.....T...

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000024

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):104392
                                                                                                                                                                                                          Entropy (8bit):5.447610322095709
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:BkDEh3IM8XxGhahyVVoKHEZLs9ccKO4AreJsHxCpSU/GD7a7f1dUWXFFS:BkfxGAUVNEZbIHxC4om7a79GazS
                                                                                                                                                                                                          MD5:78D89D9CC064FB0A09530DA2C00DD81E
                                                                                                                                                                                                          SHA1:12E95DFCB58AEF646C8EA70C73FE506B0FF2982F
                                                                                                                                                                                                          SHA-256:10B7A6A70DD63473878E033A88A12AC3B6D3C49191FE0CA8E3F2BAFD96B80B4C
                                                                                                                                                                                                          SHA-512:F888CD2AE12370C6ABA517F0AF32378BC9F5C11E07A21C440971B471822533A30BB2C05C4555EA5BD99531236E9A47A01445A229A2B912ADE5BC9FC91447BA69
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:import{S as ve,e as Me,f as Ce,a2 as Y,R as O,L as he,Y as N,$ as R,x as D,a0 as w,U as z,ai as re,Z as rt,M as Pe,_ as jt,N as me,A as F,ad as ut,C as Je,aq as bt,n as di,aF as po,aJ as Xe,h as se,D as mo,T as An,ao as bn,t as S,y as oe,l as C,z as ae,u as le,j as ce,k as ue,J as go,aK as ho,O as yo,aL as Ao,o as bo,am as xe,v as xt,G as fe,H as de,I as pe,a1 as Ge,Q as ke,ab as Nt,ac as pi,a6 as st,a3 as te,a7 as lt,a9 as qt,af as je}from"./vendor-rii-AV_l.js";import{t as qe,u as No,v as Nn,x as _n,y as Sn,z as En,A as _o,D as So,E as Eo,I as vo,k as Mo,F as Zt,l as Co,B as wo,G as yt,H as vn}from"./App-CxTZVnef.js";import{c as Io,g as To,a as Mn,t as ko,o as Yt,b as Cn}from"./time-ewJhiJwX.js";import"./index-DtMr64Oc.js";import"./index-DQE_taSP.js";import"./strings-D9eBrPdG.js";(function(){try{var e=typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{},t=new Error().stack;t&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[t]="8da8aeb6-e95d-4377-8abc-e1

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000025

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):28885
                                                                                                                                                                                                          Entropy (8bit):7.940251079924301
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:384:mOrvnDZbCY946AyYurYMexwt+Kxn52Ww60YKfUGkzUDQCvpmK+6OXcTRXU9C8ZoE:9vF+YdreI+Kxn5RwDuGwGjLAUXUkMoE
                                                                                                                                                                                                          MD5:6909E84F1F144505D2376D14F66DE5C9
                                                                                                                                                                                                          SHA1:97A2389BD1BEF3D7A76B8D23A305696C38F8D5BF
                                                                                                                                                                                                          SHA-256:83A688ADF108B5F9FB16F2630E7B20A826A6572461A280F9FA029B38E733E5DE
                                                                                                                                                                                                          SHA-512:BD0EE0BA70AE482042593824CB7EE1425E3687F6BC60237E48D92AA8E60555E5272A20A2A4F6D7990C91B6354EB9402285618DBCC469CDA8FD2C85265D2AC7BF
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:......JFIF......................................................................................................................................................h...."........................................O......................!..1AQ."aq......2BR.....#r...3bs...S.....$C........DTc.................................3........................!1Q.A..a."q...2...$...Rbr............?.... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ....,..x.....{..5..fG...(.....}L.<~Pd..Dh"G...=.}P....&|.$G.%}D.<~P.d<<.A.>..#...X......=.....!.!.....}T....T..Hb.|..=..PxA...........Y..d.r.1!.!.g<!=I..\.....T`...%.]...}\..:....p.CPC.W<#.e<<.B....b..,gQ....{...\..$@.,....{...vR.Oy.A.... A..d.T...(lu......H..-S..sGy....>.Q..,.r.1........;..ai...i....e..8#@:%7........}.}...e.fG.;.i.Cg{R...!i.L.jW.W..\.dy3.F...

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000026

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (45271)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):308035
                                                                                                                                                                                                          Entropy (8bit):5.318298420291545
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:59pX0oT0xaIrfHTfSWfHBgwvmPfSiGvjcIyGnrSTc+yPnsTS2hEKzwuDPIh:XpaxaIrHjS8HBgCm37GhsO2hBwM4
                                                                                                                                                                                                          MD5:AC954F713DB49D6EBB0BD8AB9E89CEEB
                                                                                                                                                                                                          SHA1:54FDEE88EB04124B05B14C17F491A688A838E5D1
                                                                                                                                                                                                          SHA-256:D0B68B4ED4564D03B8A90CAC1F94FCD46CE0F3D702973D305C0E517B1A0772DC
                                                                                                                                                                                                          SHA-512:6696CFA5A9CF8A764D2C294E1AD69DF2B03C4826D8862024EA373C101592B738FE54FC9188BA23E11C91EED8C3FB3CB95D83A6C484AC42F24EBE77C3EDA481BE
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:import{V as getDefaultExportFromCjs,aD as commonjsGlobal}from"./vendor-rii-AV_l.js";(function(){try{var t=typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{},e=new Error().stack;e&&(t._sentryDebugIds=t._sentryDebugIds||{},t._sentryDebugIds[e]="d6bc7e12-fe38-4f1d-9e8f-8703ec599f58",t._sentryDebugIdIdentifier="sentry-dbid-d6bc7e12-fe38-4f1d-9e8f-8703ec599f58")}catch{}})();function _mergeNamespaces(t,e){for(var r=0;r<e.length;r++){const i=e[r];if(typeof i!="string"&&!Array.isArray(i)){for(const s in i)if(s!=="default"&&!(s in t)){const a=Object.getOwnPropertyDescriptor(i,s);a&&Object.defineProperty(t,s,a.get?a:{enumerable:!0,get:()=>i[s]})}}}return Object.freeze(Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}))}var lottie$2={exports:{}};(function(module,exports){typeof navigator<"u"&&function(t,e){module.exports=e()}(commonjsGlobal,function(){var svgNS="http://www.w3.org/2000/svg",locationHref="",_useWebWorker=!1,initialDefaultFrame=-999999,setWebWorker=f

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000027

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):46382
                                                                                                                                                                                                          Entropy (8bit):7.982149997883431
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:gHzZJ2SLD6MdfOlYtW60WRpFQ/poWnamhPANn3fIP2u3g2ngIfx1BS0at85xHxRq:CJJVdNtG6G/G04nPwhw2jfstCxHxRbE3
                                                                                                                                                                                                          MD5:3FD8293AD6D39E4DAAFFB3E57D379B57
                                                                                                                                                                                                          SHA1:FCEB352704BE7F86E1730830896BEF5C758A28F4
                                                                                                                                                                                                          SHA-256:EBAD314AC5ED0B58ABF73CA816067A35B8B6CA3356B6E7CCF62B83F4448A6CC5
                                                                                                                                                                                                          SHA-512:7E37166764DAF506A3D707394648B71A87917C7410F713EBFE5D388859A9DB8EC7B8EF584649C94B46E707D2B02FC158389F87DA9F0F1C4F0FAADDD6EEB91A4A
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:......JFIF......................................................................................................................................................h....".........................................a........................!.1..."AQa.2q.#...BR.......$3Cbrt......45STUsu....%&Dcd.....6E....e.....................................G......................!..1.AQ."aq.......2R....#3Bbr..4..$Cc.....Sd...............?..X0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0`..`........F..0!.0.z8.k....t]...........9.0a}.)'.}m.\s.:>......!Fp.0aE.C]Z...........8...E....4+.s..B...ad.q...?.....Y......G....>.k....K#.i.u....Z.5.....t..m5.6......./.7.1......S.S...W..o....;...../.?.1.uu?...... .j.0..)...1....}......ng......f...Ll.I.3pa.:....S..g...W.<...?.x.......W.S.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000028

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):55728
                                                                                                                                                                                                          Entropy (8bit):7.98248543718097
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:3cW13tnyk6xJH65qJpua+WYMjkHQzRJkPU0Hkzmtl:33tnkfa0zuq4Q2Mmtl
                                                                                                                                                                                                          MD5:F4F5A7C0DC5A255EED4473DBEE6EF825
                                                                                                                                                                                                          SHA1:75E6C24FE94DFC9DC4CE014E7D266E3BC96BBA18
                                                                                                                                                                                                          SHA-256:2C26AA04D0C2EAE9F1799E125C561626DCDFE881B0339F7AAEDB7AF45500F832
                                                                                                                                                                                                          SHA-512:E029FDD6491BD12DBE4C1D053682582962F895880ADC6012A257BF7CAB38E78B71B0230796E9107B58714A79283E013CE88279D4409B0722D08F0117D3037D8F
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:......JFIF......................................................................................................................................................h....".........................................`........................!..1.."AQ.2aq.#B..R....$3br.........%CSt....5DTUs...4d....c....Eeu.....................................J.........................!1AQa..q"2........BR.#br.....3CSs......T..$4c..............?..,.0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#.......q^H.3L........eF.w..<|%.G.P......{i.........F.Q.10yzOT.O.q.r.......(......S.WC.k..........+#..VC..n.MC.r..'.|.......}nZ..?..4........R.....-.;.s.XM..<.5..5,.l.m...N<g92U j....G..^.[F...O..Wr...l.X15'-.<..?...!...'......l..co..........w4......Jp:77p.bx.pbf^\.m`..(s[]XJ..

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_000029

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):48982
                                                                                                                                                                                                          Entropy (8bit):7.980351047693944
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:768:tcakHPtSz0nGUw1wKzaRrC6+65nG/7j6B76gkldYNZra6MfONNE14PBNHwUU2:tYvcoGqKQrr+MGyNk+Iv4PBJwUd
                                                                                                                                                                                                          MD5:3720F60FEDD41C793BAE75824F74F5EC
                                                                                                                                                                                                          SHA1:B239356B6DC3B63065E87083E07A0DD92395C9A3
                                                                                                                                                                                                          SHA-256:B0D6B083A1D6E9AB4EB7C6B5F98C8BBECB3B6F806C44A9C782D2E0F46741617A
                                                                                                                                                                                                          SHA-512:042B72121DD20162277ACCAB4FABA72FABE90587C4446F8021492C96FBC734969161C3441DB70293EB737C51C023FB7C61702267651C4AD676FD4A10FE3C457D
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:......JFIF......................................................................................................................................................h....".........................................b........................!.1..."AQ2aq....#BR.br.....$3t.......%45CScs........DTu..EUde......&6...................................?........................!1.AQa."q......2....#BRr.....3...Ss.$............?..,.0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......0`B0`.......#......{..g............./q...?........5.................L.....I..|co.V..nS.$..1!.....;:.j..0..&..j.eH.6.nuu.....G..$.&."Q.........W..].>...l'.....5.!....|.3.l..../.DcV..S4......WU..>4..E:...aY...Mky/.h..L*.s..30.\U''a..0.......r........3..U.2..G...(.A.5.[.W=.......P.b`tu..v4w<...x......Y./.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00002a

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text, with very long lines (59000)
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):149994
                                                                                                                                                                                                          Entropy (8bit):4.84602990632708
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:1kV7f/Al/gc0w1aQie8IMVxbFg2W20UfTR+rLrg:CS0w1aQKVxbFD0UbR+rvg
                                                                                                                                                                                                          MD5:F6C5A55CEE02422E137B999BF80B410B
                                                                                                                                                                                                          SHA1:EF9EDF54FFD0656A5B86582CC737FDDB834CF2C5
                                                                                                                                                                                                          SHA-256:99FB52370E2691FF26A51DE772CEBE42DED1C9189312035C518F9EF185BC7EDE
                                                                                                                                                                                                          SHA-512:24ED70A60D3BB8B4CCBACA8EF6F070C7070D20218E62D7B4DDDE563EBD227AF08771C77E1FE5B9C011448EBA1EE947F77BB642E72432E80D659C07F35059DF55
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:/*@cc_on;document.querySelectorAll||(document.querySelectorAll=function(e){var c,t=document.createElement('style'),i=[];for(document.documentElement.firstChild.appendChild(t),document._qsa=[],t.styleSheet.cssText=e+'{x-qsa:expression(document._qsa && document._qsa.push(this))}',window.scrollBy(0,0),t.parentNode.removeChild(t);document._qsa.length;)(c=document._qsa.shift()).style.removeAttribute('x-qsa'),i.push(c);return document._qsa=null,i}),document.querySelector||(document.querySelector=function(e){var t=document.querySelectorAll(e);return t.length?t[0]:null});@*/ !(function () {. var t = function (e) {. return e.replace(/^\s+|\s+$/g, "");. },. c = function (e) {. return new RegExp("(^|\\s+)" + e + "(\\s+|$)");. },. i = function (e, t, c) {. for (var i = 0; i < e.length; i++) t.call(c, e[i]);. };. function e(e) {. this.element = e;. }. (e.prototype = {. add: function () {. i(. arguments,. function (e) {. this.contai

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\f_00002b

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):168929
                                                                                                                                                                                                          Entropy (8bit):4.007094560453527
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:abYq5nbbUb42qHrbQbbDFbubAjCbwb7bHb/bXbumbeIb1b4bbbybVbRb1bJ/F2sT:r/HHAsY9Bj2
                                                                                                                                                                                                          MD5:C9CAA63A244892710CC32810566B4285
                                                                                                                                                                                                          SHA1:89222142B1083369A27B2B76710D7C78044A4D68
                                                                                                                                                                                                          SHA-256:0560FE562F97D895A6E265D17BC3B9C53DA8D9F8FABCFFD4AB5C0662B1D3534F
                                                                                                                                                                                                          SHA-512:6C5C949A524CBF19F7B990870833EE8F257F4024B6638C86740351CDC828C5B5ED687F4C51771E652EE900D6843DBEB0B20D975847935347C1E648955DCFFDF9
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:!(function (e) {. var t = {};. function n(r) {. if (t[r]) return t[r].exports;. var o = (t[r] = { i: r, l: !1, exports: {} });. return e[r].call(o.exports, o, o.exports, n), (o.l = !0), o.exports;. }. (n.m = e),. (n.c = t),. (n.d = function (e, t, r) {. n.o(e, t) || Object.defineProperty(e, t, { enumerable: !0, get: r });. }),. (n.r = function (e) {. "undefined" != typeof Symbol &&. Symbol.toStringTag &&. Object.defineProperty(e, Symbol.toStringTag, { value: "Module" }),. Object.defineProperty(e, "__esModule", { value: !0 });. }),. (n.t = function (e, t) {. if ((1 & t && (e = n(e)), 8 & t)) return e;. if (4 & t && "object" == typeof e && e && e.__esModule) return e;. var r = Object.create(null);. if (. (n.r(r),. Object.defineProperty(r, "default", { enumerable: !0, value: e }),. 2 & t && "string" != typeof e). ). for (var o in e). n.d(. r,. o

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\Cache\Cache_Data\index

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):524656
                                                                                                                                                                                                          Entropy (8bit):5.027445846313988E-4
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3:Lsul7Q:LsR
                                                                                                                                                                                                          MD5:29E8EA0D6F9D7B5FA89C72516588280A
                                                                                                                                                                                                          SHA1:77C5168025DF5F09C21050AAB42CCC550C91B6D6
                                                                                                                                                                                                          SHA-256:1ECA1C6E80787DA4E7E75D48B868A7F535B0D06A07A470B85C086BA8CAF51C89
                                                                                                                                                                                                          SHA-512:2FCCF4014891CA334222FDC591F2D0684FF9BA8EFF3094685EF8A5798CE632294C856D993395D77B97159FFDDEC70689CA3D7B8D0093F6E306E658BABB993AC2
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:........................................dU..fs/.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\System Cache\Cache_Data\data_0

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):45056
                                                                                                                                                                                                          Entropy (8bit):0.04469063214076828
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6:/Fii23PKkN+HPuqTbZiRPTrh9S6fkJl7Q37S8Mtk1:d+/NOmxPfh9xMJ637vEU
                                                                                                                                                                                                          MD5:D0753BA8F9AC14BFC8E9115C76D17D67
                                                                                                                                                                                                          SHA1:1E3739F2CB63A353BDDD97989086E162EEF674B0
                                                                                                                                                                                                          SHA-256:A78B62318268283C3C801E8C759AB3727BA5769C6BC23AAA9F3647D60C5EE585
                                                                                                                                                                                                          SHA-512:449C942F1DE8C13311537146AFA0F1AB7837812E2B8F52D7BF3B9406077260119688D931FBE9ECFB1590D49A25EDA6B73C302A451B5823E96EEE3DD96E2FE7DA
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\System Cache\Cache_Data\data_1

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):270336
                                                                                                                                                                                                          Entropy (8bit):0.05722599312702698
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:UwSwcL/kfwSwc2i5iM9g0zbr6ei5iMj8g:UVJyVYi5iMlzbOei5iM
                                                                                                                                                                                                          MD5:595F44D4E26401BD49DADAC8B2BCF35B
                                                                                                                                                                                                          SHA1:10344E8FC3A9CA736CC259B2F213A21A00BFE620
                                                                                                                                                                                                          SHA-256:296CD2B453A48D2EECD08644F29549B588E539C75380C1F728767E7A1D29F29D
                                                                                                                                                                                                          SHA-512:44CA9E78F85E351DAE53A9FD11C3279809DFEB9A2BAB3A71B3D29ACB849E26BA09FDFC9096E5C31852E83AACBDF867A2393469951503727320F4C4999D3B39A4
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\System Cache\Cache_Data\data_2

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1056768
                                                                                                                                                                                                          Entropy (8bit):0.278164822408153
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:384:ztLqXJtITaRvAGIEC418gqXJtIdkXRJtCiWfUPlALKJtrLCXRJtC:pLqXJtYa13qXJtnXRJt+cPlBJtyXRJt
                                                                                                                                                                                                          MD5:AB2BBE05B5835E7D99546FC2D02529B7
                                                                                                                                                                                                          SHA1:81517920C3F78957346C1504A5B9DE825D6C9ED8
                                                                                                                                                                                                          SHA-256:DC9BB94AB3D191E9327D3B81D27A53DEF3F7D86805D0E5C82666FB1F4A89ACFB
                                                                                                                                                                                                          SHA-512:BDA8EC83FBB5374FA5664CB2767EC83514CA6FA794917ED7702AAA4BA6A9CC9609D188EDC6F6A60CBC6FBAB484AE8CA8883B898D91BDB75FEF744DE30598525D
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\System Cache\Cache_Data\data_3

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):8192
                                                                                                                                                                                                          Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                          MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                          SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                          SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                          SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\System Cache\Cache_Data\f_000001

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):140775
                                                                                                                                                                                                          Entropy (8bit):5.170244966514947
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:1536:Jp3CD0SMi6We1mJXDDRmrAe4xnzR7vvODy:JpSM3We4JTXz9WDy
                                                                                                                                                                                                          MD5:1EF34DCFC08237E317B9EA5E6494D429
                                                                                                                                                                                                          SHA1:1929EE76DC7603F9F7527ED3370C2723E507714A
                                                                                                                                                                                                          SHA-256:07A35BE742E8543E4918EEE6D95068A77E146874BFB0EB8D60904D761C06A9D0
                                                                                                                                                                                                          SHA-512:1039DB8A6E2D1EF175B13F57AE585E33575F450E9EA9036D03D2516F1071127175E2C34B9D3D08B71445C87FCCE2DE40FDD23E23FAE3181B552020E6B82E52B5
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"suggestions": [{"name": "Humble Bundle", "partner_id": "gx_humblebundle_suggestions", "url": "https://www.humblebundle.com/", "thumbnail_url": "https://sd-images.operacdn.com/api/v1/images/422e375ff749adde024ab3ea5ea01275e40e5f1b.png", "history_patterns": [], "priority": 0, "favicon_url": "https://sd-images.operacdn.com/api/v1/images/ad4ac5dd18b5c44cdc22a37217bfec19a3abebd1.png", "real_url": "https://www.tkqlhce.com/click-8384705-14473383?sid=operagx-desktop-global", "ping_url": "https://speeddials.opera.com/api/v2/ping/gx_humblebundle_suggestions", "keywords": [], "categories": [], "rank": 1, "targeted": true, "ignore_sd_filter": true, "required_dna": [], "forbidden_dna": []}, {"name": "Fanatical", "partner_id": "gx_fanatical_suggestions", "url": "https://www.fanatical.com", "thumbnail_url": "https://sd-images.operacdn.com/api/v1/images/4335dc32a6e411f84f57cd66d91181c53788d707.png", "history_patterns": [], "priority": 0, "favicon_url": "https://sd-images.operacdn.com/api/v1/images/d

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\System Cache\Cache_Data\f_000002

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):541788
                                                                                                                                                                                                          Entropy (8bit):5.186042707102053
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3072:JpSM3We4JTWdslsQeTOrT2lNbesv0lfTv7029UZz1cFxeg9i/RAimqs1:JpR3W5JTUnfNbes8t029sz1cI/RAiRk
                                                                                                                                                                                                          MD5:675383AD7E1EF3C02E7DF37DF0FC2D41
                                                                                                                                                                                                          SHA1:B91A68A5C89DC24D238FF1D75CA3E7CFAA0515DB
                                                                                                                                                                                                          SHA-256:756FE8D8D1D3C0E6E0E027475A713F30465A3FCF32F860CBD7F3BCCBB7648BC5
                                                                                                                                                                                                          SHA-512:88ED4970C3D5E1824A18AF9FC0F749C9F1D46EE98422E285BDFDB9B0CFDEFAAFC286425C25CBF0F716B043078583B1BEDFB2FD3C094919EC0AB572573A18E32F
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{"suggestions": [{"name": "Humble Bundle", "partner_id": "gx_humblebundle_suggestions", "url": "https://www.humblebundle.com/", "thumbnail_url": "https://sd-images.operacdn.com/api/v1/images/422e375ff749adde024ab3ea5ea01275e40e5f1b.png", "history_patterns": [], "priority": 0, "favicon_url": "https://sd-images.operacdn.com/api/v1/images/ad4ac5dd18b5c44cdc22a37217bfec19a3abebd1.png", "real_url": "https://www.tkqlhce.com/click-8384705-14473383?sid=operagx-desktop-global", "ping_url": "https://speeddials.opera.com/api/v2/ping/gx_humblebundle_suggestions", "keywords": [], "categories": [], "rank": 1, "targeted": true, "ignore_sd_filter": true, "required_dna": [], "forbidden_dna": []}, {"name": "Fanatical", "partner_id": "gx_fanatical_suggestions", "url": "https://www.fanatical.com", "thumbnail_url": "https://sd-images.operacdn.com/api/v1/images/4335dc32a6e411f84f57cd66d91181c53788d707.png", "history_patterns": [], "priority": 0, "favicon_url": "https://sd-images.operacdn.com/api/v1/images/d

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Opera Software\Opera GX Stable\System Cache\Cache_Data\index

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):524656
                                                                                                                                                                                                          Entropy (8bit):5.027445846313988E-4
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:3:Lsul8cD3/:LsU7
                                                                                                                                                                                                          MD5:7A243265D23345D318FB436CD1B6C04B
                                                                                                                                                                                                          SHA1:B69638F8C981344078B312DC6FC8E3A499301A9F
                                                                                                                                                                                                          SHA-256:0140C530E78C89C13CEB89B964A57C125A8A935A45D2424819D640DA6D170084
                                                                                                                                                                                                          SHA-512:185492621AFD90C1E95B2C1B4339C6DD4D68EFB82FF4BA707E3E22FF988AAF1CE3E5706658D99A5EA690DE9BE0958BCFB100C3A552BDC2A7D4455AA7777AB419
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.........................................qa.fs/.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\107.0.5045.79.manifest

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):225
                                                                                                                                                                                                          Entropy (8bit):4.929804541487484
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6:KdhlRu9TbX+A8/5RFYpThkokIkoX0CdiYCWoA1G:KLuVA5cp1kvIks07vWBG
                                                                                                                                                                                                          MD5:C45BDB4215269232365A5939FDCFD5EF
                                                                                                                                                                                                          SHA1:6947C09E83ED9FF44C747280104CE62C129CE08B
                                                                                                                                                                                                          SHA-256:881561A1AF511D35898655D5233605380EF1E71111781C05F637AE7EC578B216
                                                                                                                                                                                                          SHA-512:0575A827C9C57FD1B7EDA4FDC6B5D710EE87AB3CCB1F74CF3F3E6A771A1EFCE490F549BF90803D237352D6E461E3275EA90B9D41B701E56F8DBFD07F44733E14
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:<assembly.. xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>.. <assemblyIdentity.. name='107.0.5045.79'.. version='107.0.5045.79'.. type='win32'/>.. <file name='opera_elf.dll'/>..</assembly>..

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\150x150Logo.scale-100.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):2181
                                                                                                                                                                                                          Entropy (8bit):7.807674908350133
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:Pe+1prHq0WWdnFX5lKhqEiJVk10s5pqe/cme:G+1prHqXkhrWqEiJa10ae
                                                                                                                                                                                                          MD5:B5A21B88B3D8A42DF265817EBEB742BB
                                                                                                                                                                                                          SHA1:E0BE32B4FC158DB4E9783094CCE614922114B742
                                                                                                                                                                                                          SHA-256:9635C074C9D8EDDE0BAF3111DBD7DB49CBDC370C4F729C80AC382949F32BE526
                                                                                                                                                                                                          SHA-512:21ECE0DCF17B038400D09565438FCE8BE61746DAA0250F2FA9D0526BBA3D1CE6F8DA5CCE944EF8FA685C5EB6CF857B073D2A50ADA44A44A76D84813871FAA5D0
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR.............<.q....LIDATx...1..... ..6.^`...................{........m.m].m.m.m........[s....._.....N.Nw..._w..P...R... ......`........_[.i1...`.$.......C......*..,...v.l.>.ZP.B...E@......!?d..!.d.R......g)0...^H[.u.4.k`....0<.d.1.....0...Q`..I.._T..!...|pG.m=..a&.e.U(...C...n.^`........FB.X...Oio...z!...:.Tx.8;..9.[a........{.~.^......P.].r..d..A...?....<y.v"......l......^..._.....MA.o....?.>u._.d..`......E.@.5........E..................R...A..O}{.k..2.....jx\..5U.a.%."#.nA....6.!..W2.............R..j6r..v...."....N.GA..8.......>..p..#..,X.....Q...y..#.a..)....Q.e.zc\.'@.Al.....io....=......D.......F......A#6.^.^.Ma5...b.b...D...+.P.. .[.o..z....,...#<U.0.O.#..Z..........Q{...jA..ka|}...q.s.y^.!.Gh..R....t.g....F.......gt..6...7YjaU....0.*.......3..l.#.. =.h0t.06.v..C...T.}m..%...g..i,Cq..8.g.q..hx. .>..Kz...1....VF.)..q..$....._Z-.U...(....~>...-z]$.mh.%...e.+.....|.n.2..:...N._R..x..>.|S......i?.P....Q.F.d..U.8..i...T...........I.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\150x150Logo.scale-100_contrast-white.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1828
                                                                                                                                                                                                          Entropy (8bit):7.716814612583543
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:uIrxqF+qFL9yUaKagPWex0mLgIbPdyFKD0YTkogFey6mkAN7G:3wFRoGagTx0A4KDfTko6eCZG
                                                                                                                                                                                                          MD5:0BAE0648C3E320C4D439F158B4FD5531
                                                                                                                                                                                                          SHA1:4E860AE24F03522C89BDF37F3CCC10B54832861E
                                                                                                                                                                                                          SHA-256:28CE8FCB22080CE1F69346CB0720BBE5662959E413426F00062B706013DA8C28
                                                                                                                                                                                                          SHA-512:6A5E4105CCBE1664546798DB057B93622C9CBD6D5AF4967E6BE4E390A18FEC0FFCC807E3331F09ED0DE63ED85569BE7EC5EED5A7C663DF6CE4A5B70E09500371
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR................i....IDATx...i.]U........J..RT.H....T...seV..)b.B.5.@.a.Q..P.c. 2E....eR...P(.....P........I...s..v...y...u......Q.EQ.EQ.EQ.EQ.EQ.EQ.EQ.EQ...S.n...j.."....p..|B..]....>.......9.32.....Y.l.R..*y.\.8.4.....p.K..EY%}.5.h.[*.|.V..i.F..q~...;..W61.M5_..1F...Gj..IZ..u. ...*.w....oS..D.r.).U....j.y.#..y..U..;S.-"...n..v.^i.UW.j.hk...n.....,...LRe[.i.}....H.z@.9.q..".v.U9.""n.)....DD.iX.b.....*'....v5.#..~.$.7.]..Tm.....i......+....m...x.j_.'"NG.]..n.j.vl{..Ls...;.T.=E..3...1;.v..xB...*"^.1U..8...xL,7]...D.9.i.."..N.."...c..D...X...c+.t..8M...[......"f.........R..0R.1..Xh..;ND.=U.ID.a.....v..8...'.uct.....k.q>.q.jc.+b...F....r....AN.....}.....Y.J.k~.;4.3".U....s..$....n.q.b{.q.j......".Y_..E...b.=.S.".4...[...S....Y.6O.L...."...."......i../"..!M.>..4ED.....I..""60x.Ct.i...4.."..f..`(.....4..5.L....o........*W....xX.M...E..C...r.....U...8..<'.G.}D....E.k!.8...ED..iL...V.8.."b.C3[Dl..gED..^....-...NDL.iBs..O...`m..zW...k.A

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\150x150Logo.scale-140.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 210 x 210, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):3140
                                                                                                                                                                                                          Entropy (8bit):7.81304512495968
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:96:X4+RWiQZwj2bSjtW8+i2elETWt5nQ1pzuiV8:ozEW8+iZECt9kzuie
                                                                                                                                                                                                          MD5:7E529063A02E4E83736B0263CB1B82E0
                                                                                                                                                                                                          SHA1:17A3C4B76962E90B1D2FA8A49441157949F4DC78
                                                                                                                                                                                                          SHA-256:A36A13A5D5E3D39E3018CCC5F8859944C87256F8BE24A3C08A6BF3CB06A26804
                                                                                                                                                                                                          SHA-512:571806725F83FECA90360B246D167A8857EDFD9EDC8DC0EF7EEEF80F291FD06088C405A5653513CB8AA309DF08CD609DF85A95E3379E3E5907566C876CA77CDE
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR.............?..B....IDATx................................................{..dg.8....m....m.Z.m..;;y...s.GI?..Su..k=.T#..#.;..}/\.g..:b..a+.....t.A}...q..hq.-.}...`:.gk....tm.$...Ax.....B....c.ih....G6L.....;...T.U0...l....~...........W....=<j.....X..O.....r.Y..-..Q..1.....q`..PC..jL...x.'9........y.b=L.m..(U........a.....W......`:.Me.jh..U0.......;..{..I..|.W..C..4...b.nt.......L..a.........`9.!..7N@.......E.?..$.._.q..6..":.+`....W.O.G>o.F.K.c..G.28..Q.....|.....m..#X......N.P..{:...1.........4...F.....w......Z89.Y.w`.L...v.DC.h'......h...[=...c.2...&ze*h..t..j...@?..cpN......0...KC.....f..F.....2"...c1..m.)y..q..(..C,.e..!w.N@I..q4.......!.A...;q..Y..sy.{...."L.p..#<...'.-8.!u.C#...O;.......y<.=....h.c<.=...5N...s....._...p,..Ia...yo....=...Y..4...t.}m@....g._.......#.M{...t........t...;.bjh..l..84.C8..z....B9..[.D.R..}...r..e.pl...~.....<.~ `...Ep..b...L.^.9..x.vB..IZH.a,k..c..L..U...M0....}.n........H..<.!..B.(Y

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\150x150Logo.scale-140_contrast-white.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 210 x 210, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):2659
                                                                                                                                                                                                          Entropy (8bit):7.828610258666657
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:zQX9JrPPPPPPnouwOlIbylOhFARjcSY1E1y0fAiKb+Y+GzYvpSYWTX5sPPPPPPPn:z0rPPPPPPojFby+m00fAiKiySSYWTXqP
                                                                                                                                                                                                          MD5:EBE7D27ED3B4CB6566A10165ABFAA941
                                                                                                                                                                                                          SHA1:FDF7C27058CF5DAF7061756E938A33C1BBB26C3D
                                                                                                                                                                                                          SHA-256:0BD63FE653885286E180FBDF6D1DADC66AF242B8ED6BD1D03D8C5ECCC20E91D7
                                                                                                                                                                                                          SHA-512:50EC8592D78F00A6387F06E077E0DEF88DB26723C0FB8632C4EA06F2E09488DB0FB82E0EB1F03DA53F9C750F6CEBD29F7889B1DE342E4F0AE69F88C4B7B1425B
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...............V....*IDATx...{.]U}......"... .!.#..D .k..:.....5...6B..Q@+..lq.(%my.P..C-..Eb..<L5..<C!.1.$wu...f..}........5..Yk...^{.}..RJ)..RJ)..RJ)..RJ)..RJ)..RJ)..RJ)..RJ)u.d.Y.b?t..Q.E.,u......$o.-..rK....nw..7..w.TF..-...5=.r....?N...a.N.....~7..7,...r..-..q.}..R....Ye#y.u...IF2...Z..6.o.F....R1<w..]T..H..zw{.k..Y.L.Fm.k.ay.W.P.....I..,5G..C..........v.]...].-R..A......1.a;J-..>E....Qe'............#^VF.J.J-.....LRe.....|....g.M.e.+<.l$gHM.l..y..T.s#.Ow.o+....=...4....P"..J...("...]...~....z...h...P.*..QD....Fg.a..7m...W.`.j..C.q...E....D........8.i..D...^c...J.,.../.&rH[M..9.4._kfzN..#..bD.....[.D.4M3.....2Cs.........._k.Z%....bs7+...wkf...'.%..D.j..!M4A.z-R.k5.....q+-.*&j,..GE......p..(.j_V"......i.M...7.....E..LUz.8>i..jm....[.T.].F.%Q.;.2.....X.x.....-...b...;EQ..dU...avR[..V...f....`,.....J........K...........NWe.....Z:YT.>..{....-..(.uvV......P.x...m..ku.)q..Z>9vU;.)..xTC........j"..ra..D..(..6...t.Ib.O.....D

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\150x150Logo.scale-180.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 270 x 270, 8-bit colormap, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):3904
                                                                                                                                                                                                          Entropy (8bit):7.301300867894784
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:Fe0zdfrjvg/ofL7NkqKgOL6bq64wL3XtakhXSTxyfO8cg7WZUScsO62vSQ6Q4MCR:JdfrYoDdbJlXBRSMoj6H626Qr45eg
                                                                                                                                                                                                          MD5:F332E088E89B88070EF1EFBECA5B90F8
                                                                                                                                                                                                          SHA1:86129A8B1E2E7F78D6CE23C58A37FAC9DA5E566D
                                                                                                                                                                                                          SHA-256:6A8F64754C75EDCC9ABC1138E44ACBD7064D7E8E2A28783939241DBD6AFA30A5
                                                                                                                                                                                                          SHA-512:2314AAE692C024F914661E46CFD76531DA6C09B94C084FE915A0594625927DF30282D09518A950EAFCFDD2E499B1E4877CF3CDBF5509DE0CC756DADCDE43FD45
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR.............Oo......PLTE.....N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N..N...*....tRNS..8Uq...........jO+..D......o3.0y..b...g..a...@........_....d'...7Qp......K;..^h.\.W.../...S....-..J......&......Y..I!.P.w#...uT |....:.V...1.z%.Fn.6....N..L..$.2.?.e.s".ti

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\150x150Logo.scale-180_contrast-white.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 270 x 270, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):3673
                                                                                                                                                                                                          Entropy (8bit):7.8322183683928195
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:96:nBWR5fosUcvpqnOtkeU4ghCboMmSaj+5UZy:MvHUUMnOtpz4Csz65UZy
                                                                                                                                                                                                          MD5:98B9F7A4F4322E7B46DE392FD20F66E5
                                                                                                                                                                                                          SHA1:D009D227522206C40CF592E460C9642CD03B8769
                                                                                                                                                                                                          SHA-256:A706B332E6A846357A86C30D0E8BB7697E7DD55C2AE592DD45611DDCE0C0BF14
                                                                                                                                                                                                          SHA-512:3B3E5BAF3CFC57119E0812DE2816DF6C7DCB42E96C4891E47C4F32320FD3BE2F27A0118051A6651595BAAAA30069BB1C0D78AA701744A44534CABE7547D4BECD
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR..............1.... IDATx...k.u.......:.....*.o..I..J...L.H.(a...1....6S.....b.6..2M...fD.M..TN.5..o qx....;g..}^........."""""""""""""""""""""""""""""""""""""""""""""""""""""""q2.3Qr..z..<r....D.w.2.".r.*...s.......\..)d+.XJ.A........8Vq....g...vo.%..B..._M{.a&.XZ;.|r.v%."NaN.Q..R6....c.cN..~H..M1.X..a'%.d,=iZwF2...;.l.xU.H[..i.6;q.....#.y...w...... m.$~..$...L\E...l. .IM2s5.==.%..-....|.:,.`..........<.c-.".\....l...3...j4...B.sn@....Oxb.%.....B......$...-...WC).j..ru.s+.{.2"..5.c.q.e-...;.`-O1...@.G.F3.El.'..>$...(....d....6....%.CG\.e.[8.5.!.#....`q.3.W]X.%...$y...&...DZI....K..W.x.....%.......H+.O%../..n...~....C4...9nAZ..`..F...2.S.khhtz.E.(.CX....Uf....^&J:..@....$M......(.2..U.].O'vc...mzxlm....obq.M6....,.."H...}J'\yll..,....Jx..$/..X.uH.&.].....r,P-...[9.Q...Lr:....(..>..|..;.h4V.%y.|.]...$#....[[..d...U. ..B.H9..d.26.#.w..5.b....q....oq..0Z.y.NP..1.c.V!!.D=.k1.:.?.q'-..w.]..B,P..B...|....+X....j,..2q....

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\150x150Logo.scale-80.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1723
                                                                                                                                                                                                          Entropy (8bit):7.769427546963699
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:MtXb2ikqrN+EMaUeTPMSEGS6CT/GF2MdJtDHBkZH39Hmgwiw:CXbzrzfUsUGS6A/ETJtHBYNG1iw
                                                                                                                                                                                                          MD5:1F2FB1BF463B2FF2BEC96784DEBFEF84
                                                                                                                                                                                                          SHA1:AE6F721AD937FE39F86602F71002435B18BF1EDD
                                                                                                                                                                                                          SHA-256:7E6B0D9EA7FDA1B5CA7A0B01290521DFF943DA4CBF1498412CA7D749DB42C32D
                                                                                                                                                                                                          SHA-512:0C92C4F75E620D0B636CFD83E89C69A44F6A96A00006FBD0B13637BA5DCC77C9B302029E62F4B80766811F31810F9C20AC1A98B65C38789951CA0E19A5BB6894
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...x...x.....9d6.....IDATx......... ..................s....P...m.m.m.m.m.6N......w.......-...g2/...)z.....K....~(^..`...j...z.^Sc.n.,.....0.VW..al6...a.....R0...k.Q..N..P.x.J[ol2..)o...A....x.....c.m;F...t.16.....L8....vb=AQ0.<.X).@....M......g.....k..,.AN...-..R......$....b..`...... %H....`6.g#..h.]q..5._.@dA..c0.;X....a.. .2...~..;.1..:.x.....q[@R....,4.w.v.._..s;.b..s.Qu5..U.|.6Zj...P..........\...qa. ..D..W.L...c.~.....A...F1g@x....V..`..,..D.=..d.i..Q...o.c...N......$.`....]...P}.G....BT. .?.......L.n..+nG./..cC.>0.N1.\.C..B..4.l./L.3....T.c.S..bf.0..t...J..!.aU..p`.....0./..}.iL.).w..hc.M..'.. ..;'.p.Rt....R.g......8.%14...S....<.Jf./@..U.h'.G.R..D.\..z.4......<....*2K.S.bj.1....=.../pd.........cfPL$7....S[.M.%H.M..W..T...ZP.aA~....D...+..~EYK.#..zOZ.]fA~...fz..].....7.>..|.........[...v..M..vb.........L....z.`.P...X..RP{.....`...+.0...l/..>...i.w...W. .....x....T...............t..+B}d*`/..+.;L...J..._...iC..pv..gA~..k.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\150x150Logo.scale-80_contrast-white.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 120 x 120, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1425
                                                                                                                                                                                                          Entropy (8bit):7.721284228612739
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24:sRv0SxfL9UEp3g4/RjUG894TBRVPvhjfghucgXy2nRlWzIXQuohMU9ocyMDh:sRv0sq4/tU10XVPZjhy0Izy9srWcyUh
                                                                                                                                                                                                          MD5:17471BB63ED62A6E545B6B626A763511
                                                                                                                                                                                                          SHA1:586B9EFDE7B3A04580A49F8FE7739593D42D303E
                                                                                                                                                                                                          SHA-256:DFD1054F989CDEE25F19EA792F363F042A125CAB537A424F0224BBEE13607E39
                                                                                                                                                                                                          SHA-512:F619D963B62EDB07C8077C3C6AE60ED8D3F3DD5BB1D05A2B83DCA1A7A4A346598B055F6C7EA22E05BF281B1DE0F205F5D1054819000759D9450EE1FE8F6491AE
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...x...x......m.Y...XIDATx...m..e....}....d...9]9\...r2..L..37...S..."s..SV..].t).*.I..dh.Em..`A ...9.`......./..u.}...........v].KUUUUUUUUUUUUUU...~.p.....M.6Y..l.]...Fv..W;..o..d.l...r..{.d..r....a....r.y...@..>.z..C.l.qh............7{E:d.w.W..ZD.2[.~_..y^4.q.!./;GK......Z."s.m..9...{^.g...g...i..[$"F..x.Pj9.b[E...,.q.^.......v. w...4.I.E\....D....9......C".Q.._El0].=.Z`?.>gD....&Y-b...+E...(.f..~`..."^....Z...:\.h....S.v.v-KE,.8.....W.....Ag.V.....q..yD.<..6....x.d.N.....d..?.Q...[..".WZ&.,....v......Z...vG..k.4."...tv....".T.K.L.q..sQZ%.M3V..D...D.!.-.T.*b.n|W.u..xVl....X..._.."...n...5...W.?.1U7Z...p.>#.R.p..#QzJl.;D\..;E....Q..zl.w..wD.4 .j.u....D,.SE<..Bl.........U.Z.[D..._.4K..u.....mJ.e....&.m......-7*..X...:T.K.}..;~....."6(...O..(M..=.#.q.{..xHl..E,...v...3.`......X.[.E|S.IF......C.b.....r......9....o.\.x..WM..J..5.&.IJ......|...........q.J..!{t9L.Y.}D./5.."Vv|./4V.v....i...8Ji......ae18...>.q....0...X.,

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\70x70Logo.scale-100.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1564
                                                                                                                                                                                                          Entropy (8bit):7.78686155071436
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24:kO3Sxd5HLMZAoBjXkaBPxrX6hzB6eCvTYJSM2nY2YptQ/ceAV5ulBbYZwix2:MLLMWcV2z8nryWY2SDV5uPsqiw
                                                                                                                                                                                                          MD5:C3722E0232EC20AC8F99CCE7A040B294
                                                                                                                                                                                                          SHA1:91CA47DA87EC045ED3EF5D97243167F08FB9E10B
                                                                                                                                                                                                          SHA-256:A333D7E4293F5269426B3FCB673A284F3708A66F957DE62403B6570B24BAE8F5
                                                                                                                                                                                                          SHA-512:71940B8431E36307BA5176939A169B9259BB6B43C32529A10A12C5EA31447BDDCCAD7EB9EF7CB309B175EE7BD56E70926BD5AA0855D0FD9497547ECD7FF93158
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...F...F.....q......IDATx.....L../..m.m.m.m.m{.._...+...d...[.|..y.'.{8..N8..N8....x0..$.iA&..d..@r........&X...../.z..../.....{..../u~....|.._4$5..4...6....q..P..D.U...u...W....o@#..j .o....j...r..MI.n..X.RI.]..W*g.g..;...|.D...2..._.#..$.....A......I..r..GOF#F...L)..P.8.....G.. .l.m..J.=(+.{..@#....CH..|.:..n.%..0..*.{...O.+.Q.ORp...7L)dxS2H..Ge....e....$..k....iJT.~...eZP..A2....g..PUB..|....v.......>..k..~h3...40.x...(.......v.%.F......vl..h`>...P...4...W4.D...\o.9...z....3]........`.}t.......XI.[z..%....S<.e... .D..TA...'.....h....l...,...$7.......0,%....I[Au"...d&?.j......,..|...~F..pB...]......L.]d.v5...U%..h:}%..._.$...X.m.....S.yL...Bc.R;K..8...*..TiP.}5.g..p..m..s].ZU....H.{P.!,..?......t.U....=m-<.a.v..I$...u.T5..LG..b]...c6.19d;k%...3......,..I.[.1..:...YN...h.*5...W..._....dL6.v.Rch..~...i.1G....|].AU.k...H.[Q.a,6.5-....Gt.9U......n(.#...D.v......_.*...@I.}...i.u.@..w.T%..*.&Y.:o.X..3.Z.m..fW..5.....D...

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\70x70Logo.scale-100_contrast-white.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 70 x 70, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1341
                                                                                                                                                                                                          Entropy (8bit):7.829707677562043
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24:vHNfCYvjHq3yow73tnF7H1r8IR07iBa/ptAFjLmocqM3LNpi+MaG9vz:vHsY7Hq3QzT7H1r8Wr0/zAxfyLNp1Pab
                                                                                                                                                                                                          MD5:504D80D276ADCC0163A8E4720013F9E7
                                                                                                                                                                                                          SHA1:6D34A0593FFCE916CD19B66D61004FD7E7EB2CD1
                                                                                                                                                                                                          SHA-256:EBBE0B4761EA8968A0A3FAFB383AC7AE175E98CD31A0F41BDF5FCB43469B58EC
                                                                                                                                                                                                          SHA-512:9961259704FF97C0E1899A33259F62155B73264E272064F3FA90E64124513C7C8BD6AB69A39C1EFB271ECC2972AB8FD86FB836F22153A9BB35419C3816D11337
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...F...F......'*.....IDATx...{L.U......#A../.9S.&:/..%]ti...TL][Hm.n..8,gsZ..Zk....:u....lF...".I..[.H(.q...{.sx.</......y....9.9.<."""""l%.J..2.L...xFp?...?.8....:N.M..`2.i..M.uZZ+'..C......9.f.1.X.}He....b...$..V.."..'T........[.s..}..F.........t.lnK..d.5...Yr..ld..x.\...iP... ....X......a ...i.C.D.E.H.&......Y....h..G.....1..h..C..>t...$...m..+..../.<.n4.."..(w..%,.R-...t.$.?..#.QB.+.ep..-.....r3.LYo....A...1CVK..$=.ER....}.o.m<.....#....D]O 1\..}..^....,.|[..L..j..`...n.,...C.N.K..U...k..(.IF......1.....B6..X..U......oK..cvm...tP.....,lM....iAq.+...~.t..M.&...0......i(.y.Gq......Zw.,.H.|... .H...zXR...>....K... )S...E......V..H0UR*...P.....\.I......n.fj*.*|..1...U(=.....~@=.X....Hq...4.....D..4S-...x.t;.....X0.....`....j....+..X8....z.t..DV.6c.\....=Ri2.y.{ac..../Gv./....X.n..o....x..ha.d.....p..V.QRg....8...?.[Qrxo!...r....Ni.4tOHz...Ca...z.K....er....3...;....(.0..[r)6.J.3.S'..(.v....l..~t..".&Fwx..M....P....>.7.E.Z.Y.%.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\70x70Logo.scale-140.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 98 x 98, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):2005
                                                                                                                                                                                                          Entropy (8bit):7.837796638299837
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:FtyHJuovwDhlXRvUCvqfPAuwdESKbtU04aQkClnRU8lbPxbsFIV4hEIA:FtygGwDhlX1oHO4KwCAQ9MEIA
                                                                                                                                                                                                          MD5:667BFBAAEB2D2B372B6E0D4BF4992CE4
                                                                                                                                                                                                          SHA1:4C6C2E07183963F59391945FBEE077B55F8F6B2A
                                                                                                                                                                                                          SHA-256:207519F1C7B6C7509BFEB7B55724997EEC6456C8BAF55E882E72FC5CD43DA221
                                                                                                                                                                                                          SHA-512:AC63A3DD2F6088E7849E3824C35FD58CA78EC77DC31E1F6CBD47DE7CC394318CBA7D2309912206A94180267BE057C2AF5C835424019E2A03EE33A2AB801BA9A4
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...b...b.............IDATx..........S.d..........=...F...m...5.r..........m....g{......[1..q./.D.B."......)h.a.o..x.p..r....]..\....b fR......W.a.."..Ix............58.G.G%D.....0lE..E1D.<...u<o...6>....-.`..FX....l\.....K.....{..Y........D...............B.<G.....7.5...8...\....?.!j.b..F..PH..X....8."..,..R....X...((..G.0..&~a...{..DA<v.....H.4Q.u..a..#<Bk...E ..b\@'...3...U.\..4M...o.m.m.m.m.m..$..R9......&..NMW..{..4].....m....h..y/..x....a.[e..7.ua.^.lC8....l0....1...r.&........G.......c.....d....F]...M.a&.M..V..?[..t.P.Xx...*<.(...s...'.Q....'.~{_......8....R.%..7|O.Bl......Sr....^..@..........us.".M..?x....*.T.....A....&.l........H`g..."...I}E.7..].=...C.gz........V!.EE.....7WvB.!.d..vJ...k.{?.......1.n/.Q.{.....LD..;k...\....]G..S.+....F3.}z.=F(.....$..D.[.y.... /Q..eU...]M.[r.......}.f.s..;..!...s..C...x...Y3...<....0.O.p.\..&5...f.u.....4..A..".. .lD..7.#..P.../.i. ......+...M...}/..U\...}..Ah3"t.....D...!v..V$

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\70x70Logo.scale-140_contrast-white.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 98 x 98, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1697
                                                                                                                                                                                                          Entropy (8bit):7.76630495035972
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:TyhJvOYkuSoLYIWawZM7SkzaacHxXgr4RzhQpKP7C:6JWiEIOuWkCxCSzhQpCC
                                                                                                                                                                                                          MD5:93223E8777B581E988B703DF82593B17
                                                                                                                                                                                                          SHA1:40A035464C27041CCC87C7935C45100D93D1C948
                                                                                                                                                                                                          SHA-256:464AFAF960C32ABDC2C3937A48BF14C5D1A819B017E719FDED591D43A65D94C4
                                                                                                                                                                                                          SHA-512:B8A3EE4A71E609625EAB51F0F6DAFCC82CC47BA2C567CC8BF73CF6423056F9171276289BFDCC8428B7C07645097664065EE9B0B78874425BFF800178222FED12
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...b...b...........hIDATx...........9.Q.f..ttS....u....%..1.a.s.!f..c.b.b.K7QFg3..Y..2M5..6:B..z9.%..N.s>9.{.=..........|.7------------..QNt.G..].E.....b.s.e..X.C...Q.b.;.p..m......g....L.\te.G\.d...F..X..=f..]y.A..\e.t....Ei''...d.X...X..7[TYh.1J..g...y....]/.,r...........mi..2.6J.6Yte.....g.....<o...;..v.T..KJm..\T....i...G.."Qe.c..1.I.T#.6...2...7.y.K.*'.....p..J.2S.V...zf..Z%b..Z.6.z._j.}K..w..R.2.Y..M...P..l..d.JG..Sm..0V..o.u.'R..6...(U.k...k.+m..i].n.ub..D.b.JwJ......-1..(. U..|.^....(."UO..z;.@,2Vi..D,...;K.NAi.."f.TO.j.XlO..}$..M6..".iC.."..MO]-..[(]"U.i..E...J.K..zn..".V..M..i....q.(=%.5...R.e...:P."..(.*U..[...M.G~C......Q3)..]o.%U.*./.c....t..:J...q..k...g...R....\...A.@.kl...H.vJ...x..../....9.:..?q...Y..":@i...4f..E.Yi.T}^.....Q..#..h.#"...4S.y.l...AiG.kl.QWI.nJ.E.F.}M.tP...9...U.f..g...../....]..U:N.{..B..A.2..i.Ru..A"..+jg.kE./Ru..R.g.D...n.q..X-b...f...b.+.q......gD.Y.....q.....t..kA.."&j..Ru..."...j..D..4n.S.wD..gG.x..

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\70x70Logo.scale-180.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 126 x 126, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):2699
                                                                                                                                                                                                          Entropy (8bit):7.8799233652993115
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:Is+9LgA+9fj19UhKwdgrviOztr/CrWbqCLRTFxFCEEgq0Ol81sqAGz:IlSN1gBTOztr/jbzdh1y0wl1+
                                                                                                                                                                                                          MD5:704D0A2693B350E7C463B0FF2143835B
                                                                                                                                                                                                          SHA1:0313AD4C3690A590AC54552D2C27806E73776600
                                                                                                                                                                                                          SHA-256:D6367DBC074E37F3488C26B0BAD229BFE99F5C6BB0E28D37B41906C436152B57
                                                                                                                                                                                                          SHA-512:4517B2FA911149885EC5549F3173D3C774716740826873E4B2199C804B17E776A5296565930E5ACDB8D5476710A391B21E6DA8941DF64C525A487DB4619A1EA7
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...~...~......#.....RIDATx......................f..`....6..m..j#fm.qm.Am.m......%_...q.i-.>dh.........q.o!!..]...LC.TF..D.o.8...8.O..|.iLC#$PO<..1P.....wX....J..<5...$`O1.YU..g.L....<.....h....K.4Aw.....[.I...yU)....D|..x......`f..................9f....Y...p..!..E..U%...]......l.#.....#gPB.5...^C4.G.........g...5R... ......W.~H@. .*....8.....G...N.U...c....J".....YQ.m0....b.5.V.Y....:.......(W1.E...yb.,..a.bT.^.O!a...6...+!:.*..|O1......ZQ9...M.6.....!.6..O.XI...#jF..w.o.#|c...%Y.h.m.m.m.m.m.......8.qog.N.....3.}...R.....8...P.M.....].....B......3xs...:M!...K.;.mL.7l.N..=..7......sfJ.;..|Q........}:m..08...y.+.5...D..:....|8.m.]........04Z..b.......c.r....|.....m.6/..!...Y..)4._..0KY.e.[.qL.!...X ..jk.....|.....Ki....q...28...-.....<....4.d`.Z{.-]|B..3 PJ.gP.iW-..]m..61c...8.b.,.. P?&.0........A..!_k`.\.s.>.......d..R...."*<.e../.A.S .+...O.Oq.&.B.Y.6...S.!W^....... ..3.A..*...GA.uX.|[..Oh..=..[..9....l-.l..+...mM..Xu_.#)..

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\70x70Logo.scale-180_contrast-white.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 126 x 126, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):2334
                                                                                                                                                                                                          Entropy (8bit):7.8839656878677005
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:W/zeI9zj1u/VwgVNR+vEgxOfU99BpcZlp9uqRhq4eZDU0BMK:W/zn51gxN4RxH9hUlpkAMt/BT
                                                                                                                                                                                                          MD5:39E2FCF13C20103C5F449C06D3A4CF75
                                                                                                                                                                                                          SHA1:AE8E1BCE2BE17ED450D891864E6AA22642AF39AC
                                                                                                                                                                                                          SHA-256:5D46E4056F3915C279F1FA9EDF61D93529FBCAE5C59D616380EC5D9405B7763D
                                                                                                                                                                                                          SHA-512:8E4902262B064008804D49D1B5F27BB7B8F33ECEFB05181AA69534E1D21662719DD4F8E0677C58215F6C5CA9EB4FB92FCA54A89F9720230AFBF06A70216ABF26
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...~...~.....H*m.....IDATx...{p......1\0<.%.1<........L.(.0P....R.(Hkk.3.>(-.X.t...>.Q........#P.H.JECxZ.<...5...${.7......../...g........x<.....x<u.0.Y<.f.s.r..7..1.Q.#.#...X...C|.r.......h...b.e..D.[.H..RG.q..f\.9RhV.y....<.Z..0..K.9.c.s(.C9...d=.4..YJ.V....l2..Y,.....u..kH&........rFh.Na.k8A%J..<.-D...Wc.EL'..T~.......I.........N..F...<E.Q$.*.-N2..a.D..;H Jt..%q.....ml......3L$.n..-.Ha0SX..\.#..w..28..W...Z.......Y.......o.......v5.......|...xv.X.G5m.e....tzq.e.7.G.r..Q...D2l.^....E)J..14............~..HCg8...JZ..TN....id..l...3.Vz9...` ....%3.F..v.JG'....Y...,.lc"-.K.]y...h.m.0C.I....".(Gq....g.S>E#....C..+.....].u...+..I...g....b.H....3d.S =.O,.7[...q.|.6/..U.U(.ed.,....DX{.JA}.im;..)..ld.p.*?....QK.....H..i.....#.~&=.&....pZ..&.2....J.s....p..r...y.e.....c..3.g.H.z".#....C'M.h...?......v...&"...z.e(i.+Wz].....<....?....M+s.&....d....*.0n.....s...<Ws?I....?.{...`5z3..w8.........s.B.d..K..K....LLY.j..^...a.p.~.z....-......l.dM.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\70x70Logo.scale-80.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1096
                                                                                                                                                                                                          Entropy (8bit):7.755097954664401
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24:TDh4JYYFMId219dZt07Zcglb4iS/cFEAAabL3/006Fs:B4JBMPVEbCe/006Fs
                                                                                                                                                                                                          MD5:32D3E390613CDDBD639E70DDB2511AC0
                                                                                                                                                                                                          SHA1:C96AC088E72D756F31896B16776EF100379F802C
                                                                                                                                                                                                          SHA-256:DC20E5AA2B500CD5B5C9F89647D3487810685C94268F22678E27820E2454BB3E
                                                                                                                                                                                                          SHA-512:7381CEB8FEE84F398082177F30DC01593BEEFA729C73B0166AF686BCD25D54312B202D9243834B754769DE41E9A1DEED74CA91A76DCDA918A749CDB4F08C124B
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...8...8.......;.....IDATx...S.,I....[k.m.m.m...k.f....0..Ag5..<.w.1...r:..g.+...+........MX.k`=l......\(...........,vDq>.......x..`wl.U...x..[.....(..p...@u..z...1M../.D>...z..'vJ..U..'C.......?c:..U........GQ...,.P.T<...-..|$~....q..n=L..iF....X....q.......p.6{q8.u'*.R..C...Qg..YCN.:........#g^.R...w.......U..j...H5..eF......iO`..4r.R.[.....0...9{....u.v....X6!>.F`*.Nk.....J...5.P..}..F.\..Lk._.`.#...od..7..4!V.......-...{r.P....9^5.2.(.G..OT..<9}1....A..Q...U.{C.....o..S.....S...b....z..T...o....z..Z.xv......O|.8.....u......c...?.....u.u........p4.v`......kQ..4.....jzf.^....F..4...j:.._K.;..z]..0.0>..........|..W..Z5!6.b?....2O.....,.>.Q.y..-...._..k..w.}.V....s.o....W*..._Q...X..=Tcmc{N.P..1..j..'...l.-.?j^2..*~}Zo.J..7..F....D.91.....#2^..7.}7........$.:P..oc"6I..)n...|A..G.....l'..x..bM#.|...e.yT...k..y.]9...2.ao.z~.g`4....e0L..........t....n*.....}D.>.O..Vv..vE.Qs.\.~...s..........v.....T..7..A.9.s.]zQ...Gb.q).2....e...

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Assets\70x70Logo.scale-80_contrast-white.png

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PNG image data, 56 x 56, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):901
                                                                                                                                                                                                          Entropy (8bit):7.682141855410327
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24:x2BZqWXRHKkqILfEDtySHnb98XPA8KWstHNMufZ4jJO2C:xZQEC8BywBmPAGpC4jJa
                                                                                                                                                                                                          MD5:E6ADD5AFC73F7B06FC2348550595F8D6
                                                                                                                                                                                                          SHA1:4D658BDDB93FA6CB423EBC61BD20DB37E4D37DB6
                                                                                                                                                                                                          SHA-256:DD6F46D32C3E235508F9E4C7D7F993BD807D955BCA7E63CF3D57C6C4C102F46D
                                                                                                                                                                                                          SHA-512:55437DFEA7F68A4572DFC86B5428CBE9DB86C0D32D0B09BA6B7B1CF8E49E5F1BB94285BBDC97D8EE00D70BA75921DB59644787C1BE1672FE37CEE09441F249B6
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:.PNG........IHDR...8...8...........LIDATx...mh.e...c....#.."aM..f!Dh....eFaa......0$3.a.bS.(!..$..@%1-+.,.ge..\.9..=<...}...=..7.\'7.-////...T.2.x.F...Ur.5.v..L...Iv..-..a.1&...Y!...U.S%..a......k.V!=....'..M.Pl.F!..s.V..B8g.n..9a......Z.k.....vH..i]V.Yx.....ve:R.I-.c.d...\......S.s<.?....`....).Ab.za^.s.1....~r4[...6a.......$6.o.I.z..A.Z.HG.:.r.C..E..<+.#Q..P.J.._.xYX-...[I.'l.o.{...Q.Y.E.'.V..3...H........i'.w...........:a<...W2.I..0P8(K...IL.V....).V......=". .....;.,....F&..U$6.....d...e.T.}aK...4I.!.(.U."...,}-\G.Rx[&..O...$Kk.I$.k.[&..c......S,.v.....(.Ao...,...K[&T..|.......G.G.6a.++t\..*.?...La......F.....r9..t.U.9.DG.8.o#..j.d..L.~..;B....e.f....*,.......b{./.....N.......`.e$npL.U..f.j.I..A....Oa.^.F.N8`...xU.........@?..t%$.,...l.n)._h0/U.d.....l.C...I....R..)..........3H...N....h.9j.2.{.n_...y..m.9.5.^...H7.i.A.....e.?..R....]....IEND.B`.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\CUESDK.x64_2017.dll

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):485344
                                                                                                                                                                                                          Entropy (8bit):5.205905061365067
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6144:alTZkQQzVVTgmAffw5QTzL6+75I+qZojZdJ:azkQQzVVTgmAffMQTjO+xt
                                                                                                                                                                                                          MD5:943CFEC00D31592C1B09C1086CE5B39E
                                                                                                                                                                                                          SHA1:DE211386FC16BD90C5D0D9B2527495D36424A131
                                                                                                                                                                                                          SHA-256:D2C6E0E2E2C24A1AE11A8D638A5EB11D97F0279946874D13E893AFA520DBD2FE
                                                                                                                                                                                                          SHA-512:3728349851899E36EA6B1EAD07BBCCB651661D8B76BDBB199C6B42EF9D56DB4DE9A1F7BCE55DE2AA32A9ECAD44BCC00785519F1FC5BFCF5B6A1F50551B98CE9D
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........a.y...*...*...*.xE*...*.h.+...*.h.+...*.h.+...*.h.+...*.f.+...*...*p..*ci.+...*ci.+...*ci)*...*..A*...*ci.+...*Rich...*........PE..d....v|_.........." .....N...........L..............................................5.....`.............................................#............`..6.......,F..."...E...p..(...@...8...................`...(....................................................text...hM.......N.................. ..`.rdata...)...`...*...R..............@..@.data....*...........|..............@....pdata..TN.......P..................@..@.idata..X!......."..................@..@.tls.........@......................@....00cfg.......P......................@..@.rsrc...6....`......................@..@.reloc.......p......................@..B........................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\MEIPreload\manifest.json

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):238
                                                                                                                                                                                                          Entropy (8bit):4.824253848576346
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6:v5975JVSS18iMkh26VlcmutLwyAGI/zj//gQNMC:Bbt18l+LlMLqGU/gQNMC
                                                                                                                                                                                                          MD5:442699C95B20A60470421C6A4D29960F
                                                                                                                                                                                                          SHA1:C7317F2D2414C991C21205BA3C68A187B997E3C1
                                                                                                                                                                                                          SHA-256:44844CF3DDE6E80087AE0E6BF0D9326D7EF7D23326D24AC83AF0850BE26923D2
                                                                                                                                                                                                          SHA-512:C89CF089F7FEEB80C6DED11F1FCE84287ABE8216A6E05723D1A7FAF567C501C043CD1246FF8DBEE1240D2D79C41B698EF4CC3459589E68E5BFC5BED7FC3A150B
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:{. "name": "MEI Preload", . "icons": {}, . "version": "1.0.7.1652906823", . "manifest_version": 2, . "update_url": "https://clients2.google.com/service/update2/crx", . "description": "Contains preloaded data for Media Engagement".}.

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\MEIPreload\preloaded_data.pb

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):8254
                                                                                                                                                                                                          Entropy (8bit):6.795641289553097
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:192:bTOpyeS7AOv6EVp/m3FPKk15jjKVcOmQppXavFbeLfzrLyp:bTOk7AdEugo5jjK+5QppXaBebzrLyp
                                                                                                                                                                                                          MD5:D5E4C2634EFF8A9B3FAF432BF406D6D1
                                                                                                                                                                                                          SHA1:A691F5C9877079193C1F7DFB16DBC30BB0372EC9
                                                                                                                                                                                                          SHA-256:C6070A157B4E28D16FBCCBD233E93846DDB070C85E1A1BC64469B7A5F1424FAD
                                                                                                                                                                                                          SHA-512:B264E28AC8F111DF01C553445AADC7BCDB3F32A38A1A19D3F9D458270DFEAF80EFA7144407BD999892022AF9DDE9DBF8A0E19E7212720E1C6511EA9125AFB166
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:..@5..0@...@y@o@.AK@X@.@w.!@.@.@.A.A.@.@B@.@.@.<A.A2A_..6strea.....kpo..anim..^...elo.tele..g....pan..bancidiz...don...Ikor........D...ap.cuem...ukleren.squl......ve..vco.. ....sten.tid..+v........dou...myvrs..=bb.jl..#streamfai..P2...nkk........10...f..R527......p...7............85.231.223....11.90.159.13...movie..w23serie...3tv.co...h...pla...00mg...bstrea..W93.178.172.11...49.56.24.2...........secure...|qo.....routk..nitetv.roge..}map...ndavide..ci.t...view.abc.ne..O...j....lianonlinenetw............r..'oora4liv......8.topgir..33.sogirl..rshow12...ayospor.......mc..s...k......sian..nime.c..n......prof..ba..Mtochk..Zkra..Tg...-....K............@.'..2.vos......m..rig...r.. ......@g..>..........perpl..)...tualpi...gintvgo.virginme...eo...mbox.skyen..@aplay.O.E0B...d....W......portal.jo.._...e...ma..........Lsearch.ya...frida......a..Qhnex..jvarzes..ey...........e....y...d.tv...stfr......l......seigr..U...d...q.....z....serial...r...cuevana..Amovistarplu..a.......f

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\Resources.pri

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):3072
                                                                                                                                                                                                          Entropy (8bit):3.118957212117411
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:48:Whs+6rek/gF1A6Gbi+4eTy8iPTUucUITUuqQTUGUQTUsITU6UQTUQITUuUQTU0I0:WWnep/FFLxPoRJo+oGpoBo6po1oupop0
                                                                                                                                                                                                          MD5:400817D0A91767CB830767AA94383F31
                                                                                                                                                                                                          SHA1:73F36C895190223F94E4D52657F14454B2BCBA44
                                                                                                                                                                                                          SHA-256:35D92C86C1C054D1C03F4E58B83681BBFD8573143EE5E4CFB4CBD788A1FFC107
                                                                                                                                                                                                          SHA-512:2216DFC65E24961A18A4622FF6D8D8A1330283E64477A0E44BAC5B8F9A4CB5690FC90F598BBC152214EE6AA8770FE6608C4C809EC6F2CC73547D8166603B3E15
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:mrm_pri0........ ...............[mrm_decn_info].............8...[mrm_pridescex].........8...H...[mrm_hschema] .................[mrm_res_map__].............@...[mrm_decn_info].........8.......................................................................................................................................................................................................................................W.H.I.T.E...8.0...1.8.0...1.4.0...1.0.0.............8...[mrm_pridescex].........H...........................................H...[mrm_hschema] ...................................U^........m.s.-.a.p.p.x.:././.O.p.e.r.a./...O.p.e.r.a.....................L.......................F...........A...........O...........1.../.......7...!...................................F.i.l.e.s...A.s.s.e.t.s...O.p.e.r.a.P.R.I.C.o.n.f.i.g...x.m.l...7.0.x.7.0.L.o.g.o...p.n.g...1.5.0.x.1.5.0.L.o.g.o...p.n.g..........................................[mrm_res_map__].........@.......,.......................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\assistant_package

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):2973528
                                                                                                                                                                                                          Entropy (8bit):7.995948649674358
                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                          SSDEEP:49152:npr0nnDiGZgF23VzfajZEGXGt+TR5P/H2iYyhQivUa6Ta7q1nt89qtTme/dLnUgq:nKnDhZgqajZEqZHXWi7+Tau1ntuiVL9q
                                                                                                                                                                                                          MD5:128F7E7285E953D6EA26A318D7A7403A
                                                                                                                                                                                                          SHA1:6423142BE97D4719C8A0F775EA73569E233200DF
                                                                                                                                                                                                          SHA-256:550C9209EEA87801ECEC9B2435BA7C5BF333DF38BBFFEE4BBCF4CEF2D0F9FCBE
                                                                                                                                                                                                          SHA-512:0018FE73D26BB17877F69AEE8D480A3DD51A55C3B3E1904990889314A04D829D87E78381475EDD0BB23597DCB4323FA379A5395342EA9D117750D3E3693059CD
                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L...'..P.................(...F.......-.......@....@.................................@.-......................................b.......................5-..)...........................................................@..d............................text....&.......(.................. ..`.rdata...5...@...6...*..............@..@.data....)...........`..............@....rsrc................h..............@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P....P.|..Y.nj'.v....u..v..=.BA..6P......P....9^..].v8.^..3......hhDA.P..........P......P..pAA..E..E....;F.r......P.J|..Y.24..j...lAA...t$..D....3.9.H.A.t...@....9D$.t..t$.Ph.....5@.A....BA.3.....D$..`...|$..u..@.....3.....t$..D$..t$...`.A......t$...P.Q..%`.A...D$...V...t...P.Q...^...VW.|$.....t...W.P.....t...P.Q..>.._^....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u..S.\$.V..C;^.tLW3.j.Z...........Q.......3.9F.Y~.9F.~...f..Af..G@;F.|..6....

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\d3dcompiler_47.dll

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):4927400
                                                                                                                                                                                                          Entropy (8bit):6.402970220950094
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:49152:VCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvhiD0N+YEzI4og/RfzHLeHTRhFRNh:0G2QCwmHPnog/pzHAo/A6
                                                                                                                                                                                                          MD5:DD88837D51ECE6061718CAE0A638BB60
                                                                                                                                                                                                          SHA1:02987B303D9F27C7FC8A093C0CCA32112E9ED1B0
                                                                                                                                                                                                          SHA-256:AB6FD3AB40931DFD337C5D4D34B95F44A0BDD44D56507D740D97278AB254139F
                                                                                                                                                                                                          SHA-512:B2C7F4FEB2D323DEC2455710F6B04EF9642803FEF02936DBE5A09FC00453F8CBE2CE2E93BA2E5CDE537DAF7342BB14D6C0D49D1700AE86C8C2310863E3FB338E
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........|3..]...]...]..e\...]...\.5.]..e...]..wX...]..wY...]..e^...]..eX.y.]..eY...]..e]...]..eU./.]..e....]..e_...].Rich..].................PE..d...^.}`.........." ......8..........<).......................................K.......L...`A........................................`%G.x....(G.P.....J.@.....H.......J..O....J.....p.D.p....................S<.(...pR<.@............S<.(............................text.....8.......8................. ..`.rdata...F....8..P....8.............@..@.data...`....@G......@G.............@....pdata........H......@H.............@..@.rsrc...@.....J......@J.............@..@.reloc........J......PJ.............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxcompiler.dll

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):21868960
                                                                                                                                                                                                          Entropy (8bit):6.5327904051612276
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:393216:IkwXSvzEhmbfrZV+m2iG890hvCUD/GVJkshSB:KvN/GVJksAB
                                                                                                                                                                                                          MD5:B4B0BB9DC73D5D4B45E35B5CEBB46609
                                                                                                                                                                                                          SHA1:6CD3DE6BC604180F7E3BE7F052F0D1BC67ED7605
                                                                                                                                                                                                          SHA-256:AA5D6EBC4765063FBA4D02D24D9FC4B5845D5C8F86418EF7B8514B3C05EDA306
                                                                                                                                                                                                          SHA-512:44DA8661C4C6368FC046C99916B2109EB763B7D9EDBEA66B1EB70A651C018DEED91C8EE2F3269B10591ECFC082C85D43E6ECA555BEADBD1B83C898ABC1B2CCA5
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d......f.........." ..........F......M.......................................@N.......M...`A......................................... .p...H. .x.....M.......B.......M..)... M.....DD .8................... B .(.......@...........p. ..............................text............................... ..`.rdata...~;.......;.................@..@.data........@B..n...0B.............@....pdata........B.......B.............@..@.00cfg..8.....L......4L.............@..@.gxfg....0....L..2...6L.............@..@.retplne......L......hL..................tls..........L......jL.............@..._RDATA..\.....M......lL.............@..@.rsrc.........M......nL.............@..@.reloc....... M......rL.............@..B................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\dxil.dll

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):1519000
                                                                                                                                                                                                          Entropy (8bit):6.516243319485896
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:24576:LCfhbh3v3mtZDiAQeWj26k41ob2nrZ1rqpegQDJqoZtp22GkmgA9u808jQPEdkrT:LCfhbh3v3mtEAQrW41obCraeRhy9ou6p
                                                                                                                                                                                                          MD5:044B9B2A5E1CEA24BDEF3A3A81C9B9D6
                                                                                                                                                                                                          SHA1:E96670C0681507CC9926CB475AA28A8C9BB7D529
                                                                                                                                                                                                          SHA-256:3FAA3A0B1DD6AD2BA2855D6F82376E223B18A51A39159F5923F2AA33668211E4
                                                                                                                                                                                                          SHA-512:A1A41B79884A615D226F744960F666BD2991835A796117278C7D8426217F384A127DC6040C04B1F4BB2707B5BB4464C562CED3881A8FDED6C02263C23B358C1F
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@AC.. -.. -.. -.OX).1 -.OX... -.OX(.. -.VU(.. -..R,.. -.. ,.. -.OX$.. -.OX-.. -.OX.. -.. ... -.OX/.. -.Rich. -.................PE..d...'..}.........." ........."...............................................@............`A............................................l...l...P............`..t........O... .......o..p....................o..(....m..@............................................text...\........................... ..`.rdata..F...........................@..@.data....{.......T..................@....pdata..t....`......."..............@..@_RDATA..............................@..@.rsrc...............................@..@.reloc....... ......................@..B........................................................................................................................................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\f8eff576-81d5-4419-a836-b36d6019d97c.tmp

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):405802661
                                                                                                                                                                                                          Entropy (8bit):7.083358086913577
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:
                                                                                                                                                                                                          MD5:5A0409605B7CD1C21C44D2AC71C71610
                                                                                                                                                                                                          SHA1:D08FC7214FE9BCF860DC8ABEA9C7A0049263BFF4
                                                                                                                                                                                                          SHA-256:2BE333D303ED3E5FDE88637A5DFA0AF56E5047A7413B7E6B3D372A7DE7C8BEB5
                                                                                                                                                                                                          SHA-512:4D2BF9BB50C98F39CE5B4E116D2F73E33090037CC529121D445F66E90527C71D6FBE2C11EBDE36CF5F4AD49EB4500E2751AA273800F93F549458EECA30E3431F
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:<assembly.. xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>.. <assemblyIdentity.. name='107.0.5045.79'.. version='107.0.5045.79'.. type='win32'/>.. <file name='opera_elf.dll'/>..</assembly>...PNG........IHDR.............<.q....LIDATx...1..... ..6.^`...................{........m.m].m.m.m........[s....._.....N.Nw..._w..P...R... ......`........_[.i1...`.$.......C......*..,...v.l.>.ZP.B...E@......!?d..!.d.R......g)0...^H[.u.4.k`....0<.d.1.....0...Q`..I.._T..!...|pG.m=..a&.e.U(...C...n.^`........FB.X...Oio...z!...:.Tx.8;..9.[a........{.~.^......P.].r..d..A...?....<y.v"......l......^..._.....MA.o....?.>u._.d..`......E.@.5........E..................R...A..O}{.k..2.....jx\..5U.a.%."#.nA....6.!..W2.............R..j6r..v...."....N.GA..8.......>..p..#..,X.....Q...y..#.a..)....Q.e.zc\.'@.Al.....io....=......D.......F......A#6.^.^.Ma5...b.b...D...+.P.. .[.o..z....,...#<U.0.O.#..Z..........Q{...jA..ka|}...q.s.y^.!.Gh..R....t.g....F.......g

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\files_list

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):4186
                                                                                                                                                                                                          Entropy (8bit):5.234993793603558
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:96:t0/Rtp7yTf85XZyITJhowbO7VtiORFnbwU:Gaf85XMbwbOHiORFnbwU
                                                                                                                                                                                                          MD5:2DC8E2607CA1F7C321FB559287B7CA22
                                                                                                                                                                                                          SHA1:C1C7BF3A567FD2D24C348C3C954FEC3E00F96AEE
                                                                                                                                                                                                          SHA-256:269738732DC4756D0955EF9BBA7DE3A4DD025C0A868EE84E3FFC486817F63672
                                                                                                                                                                                                          SHA-512:080FD30D024EC21B7E50BBDB2FFD69E7E700B2D923171BFC2E47C77E510D663F5DAAFD702017A61C6D399E17705678E182D5F0BF53505181D864F533EEA22FD1
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:107.0.5045.79.manifest..CUESDK.x64_2017.dll..MEIPreload\manifest.json..MEIPreload\preloaded_data.pb..d3dcompiler_47.dll..dxcompiler.dll..dxil.dll..fonts\Inter-Black.ttf..fonts\Inter-BlackItalic.ttf..fonts\Inter-Bold.ttf..fonts\Inter-BoldItalic.ttf..fonts\Inter-ExtraBold.ttf..fonts\Inter-ExtraBoldItalic.ttf..fonts\Inter-ExtraLight.ttf..fonts\Inter-ExtraLightItalic.ttf..fonts\Inter-Italic.ttf..fonts\Inter-Light.ttf..fonts\Inter-LightItalic.ttf..fonts\Inter-Medium.ttf..fonts\Inter-MediumItalic.ttf..fonts\Inter-Regular.ttf..fonts\Inter-SemiBold.ttf..fonts\Inter-SemiBoldItalic.ttf..fonts\Inter-Thin.ttf..fonts\Inter-ThinItalic.ttf..headless_command_resources.pak..headless_lib_data.pak..headless_lib_strings.pak..icudtl.dat..installer.exe..libEGL.dll..libGLESv2.dll..localization\bg.pak..localization\bn.pak..localization\ca.pak..localization\cs.pak..localization\da.pak..localization\de.pak..localization\el.pak..localization\en-GB.pak..localization\en-US.pak..localization\es-419.pak..localizatio

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\files_list.1711736395.old (copy)

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe
                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):4186
                                                                                                                                                                                                          Entropy (8bit):5.234993793603558
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:96:t0/Rtp7yTf85XZyITJhowbO7VtiORFnbwU:Gaf85XMbwbOHiORFnbwU
                                                                                                                                                                                                          MD5:2DC8E2607CA1F7C321FB559287B7CA22
                                                                                                                                                                                                          SHA1:C1C7BF3A567FD2D24C348C3C954FEC3E00F96AEE
                                                                                                                                                                                                          SHA-256:269738732DC4756D0955EF9BBA7DE3A4DD025C0A868EE84E3FFC486817F63672
                                                                                                                                                                                                          SHA-512:080FD30D024EC21B7E50BBDB2FFD69E7E700B2D923171BFC2E47C77E510D663F5DAAFD702017A61C6D399E17705678E182D5F0BF53505181D864F533EEA22FD1
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:107.0.5045.79.manifest..CUESDK.x64_2017.dll..MEIPreload\manifest.json..MEIPreload\preloaded_data.pb..d3dcompiler_47.dll..dxcompiler.dll..dxil.dll..fonts\Inter-Black.ttf..fonts\Inter-BlackItalic.ttf..fonts\Inter-Bold.ttf..fonts\Inter-BoldItalic.ttf..fonts\Inter-ExtraBold.ttf..fonts\Inter-ExtraBoldItalic.ttf..fonts\Inter-ExtraLight.ttf..fonts\Inter-ExtraLightItalic.ttf..fonts\Inter-Italic.ttf..fonts\Inter-Light.ttf..fonts\Inter-LightItalic.ttf..fonts\Inter-Medium.ttf..fonts\Inter-MediumItalic.ttf..fonts\Inter-Regular.ttf..fonts\Inter-SemiBold.ttf..fonts\Inter-SemiBoldItalic.ttf..fonts\Inter-Thin.ttf..fonts\Inter-ThinItalic.ttf..headless_command_resources.pak..headless_lib_data.pak..headless_lib_strings.pak..icudtl.dat..installer.exe..libEGL.dll..libGLESv2.dll..localization\bg.pak..localization\bn.pak..localization\ca.pak..localization\cs.pak..localization\da.pak..localization\de.pak..localization\el.pak..localization\en-GB.pak..localization\en-US.pak..localization\es-419.pak..localizatio

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-Black.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 39 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInter BlackRegular4.000;git-a52131595;RSMS;Inter-BlackIn
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):414140
                                                                                                                                                                                                          Entropy (8bit):6.13273327924002
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6144:s3unFMi82w/+qnJWPziKSQSzzY6XqYQ0rBfmPbPGxGl36DNoAmFFhGj3k4yhP18:s3uV82wWqsPziK4zbBOPb96DNAV8
                                                                                                                                                                                                          MD5:4154321279162CEAC54088ECA13D3E59
                                                                                                                                                                                                          SHA1:5E5D8C866C2A7ABFD14A12DF505C4C419A2A56F7
                                                                                                                                                                                                          SHA-256:6BDEBEB76083E187C7AE59420BFC24E851EDB572E1A8D97C1C37B7B2DC26148C
                                                                                                                                                                                                          SHA-512:04CA175774CBE3F2D83543C01CC388E2715AB7B1378143DB41BACDC7E7EDDF05D3BEEF476F6ACBE7DDEB34861984EFB5FD7F299EC1820697C440B372D258AEE7
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEF.m.v........GPOS<.,... ..@.GSUB..B..F...]@OS/2 .....\...`cmapL.........d.cvt P.....A....&fpgmb/....B.....gasp......A.....glyf.3.J......U.head0%.a..^T...6hhea......^....$hmtxE.)...^...-.loca.;w....h..-.maxp.t.....$... name.i-....D....post}.........xprepldhL..P..............................................................I...K...........................................J...L.Z...].f...i.w...z.|...~.................................................(...*.,.../.0...2.5...8.;...=.N...P.P...R.V...X.q...s.s...u.v...x.y...{........................................................................................... ...).).........0.3...5.5...:.:...<.?...A.C...K.K...M.M...Q.Q...S.T...[.[...].]...j.k...p.q...............%.%...).D...G.I...U.V...Z.b...d.u...x.z.......................................................................................P.P...i.............................................................`...c.............................................................!...#

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-BlackItalic.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 38 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInter BlackItalic4.000;git-a52131595;RSMS;Inter-BlackIta
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):422324
                                                                                                                                                                                                          Entropy (8bit):6.159556140030877
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6144:PtBc7UQ0dNXWqSBQVUWrqIWqH70TVMYydoAF4N0ELhwnftLu+hNHzFxo5spvD3+p:Pt2+dRWqgVrwYygLhwnfhjh9fZ78
                                                                                                                                                                                                          MD5:C5C41F7587F272A4C43A265D0286F7BB
                                                                                                                                                                                                          SHA1:916224C963D04B93ED54CE7C201108F398E7E159
                                                                                                                                                                                                          SHA-256:D549110689CDDE0821CA2C7148F7B47A097166B4169786A4A9EDE675F5CE87F3
                                                                                                                                                                                                          SHA-512:D4B4D01088D9F506368DC19D709B4BA6BE764929B0DD05775841E14CBBEC674F216B81515AE529E95ABFD22ED2F3E2D2774363DD4284C8C8B57D203599555F76
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEFj.`i........GPOS2-........?4GSUB*|.@..D<..[.OS/2 .B...,...`cmap^.........d.cvt O._..a....&fpgmb/....b.....gasp......a|....glyf5.........|.head0;.`...4...6hhea.......l...$hmtx..4.......-$loca.........-(maxp.D......... name!.,.........postz.........}.prepldhL..p..............................................................*...,.....................................;...>.H...J.X...[.]..._.`...b.y...{............................................................./...1.1...3.7...9.R...T.T...V.W...Y.Z...\.c...e.|...~............................................................................................................. ...".$...,.,.........2.2...4.5...<.<...>.>...K.L...Q.R.......................%...(.*...6.7...;.C...E.V...Y.[...g.h...m.n...q.s...........................................................................1.1...J.d...f.g...n.n...p.p.........................................A...D....................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-Bold.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 35 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInterBold4.000;git-a52131595;RSMS;Inter-BoldInter BoldVe
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):415072
                                                                                                                                                                                                          Entropy (8bit):6.167283324857092
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:12288:k9zC2w597PziK+bSvkK3sgUN8HkC48AeIVMhQ/8:e4iK+6I/8
                                                                                                                                                                                                          MD5:8F2869A84AD71F156A17BB66611EBE22
                                                                                                                                                                                                          SHA1:0325B9B3992FA2FDC9C715730A33135696C68A39
                                                                                                                                                                                                          SHA-256:0CB1BC1335372D9E3A0CF6F5311C7CCE87AF90D2A777FDEEC18BE605A2A70BC1
                                                                                                                                                                                                          SHA-512:3D4315D591DCF7609C15B3E32BCC234659FCDBE4BE24AEF5DBA4AD248AD42FD9AB082250244F99DC801EC21575B7400AACE50A1E8834D5C33404E76A0CAAC834
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEF.m.v........GPOS\.N.... ..KhGSUB..B..P...]@OS/2 ..........`cmapL......(..d.cvt L.....E0...&fpgmb/....FX....gasp......E(....glyf(.........OXhead0|...bh...6hhea. ....b....$hmtxDt....b...-.loca.0.....|..-.maxp.t.....8... name.D.....X...Vpost}~.......xprepldhL..Td.............................................................I...K...........................................J...L.Z...].f...i.w...z.|...~.................................................(...*.,.../.0...2.5...8.;...=.N...P.P...R.V...X.q...s.s...u.v...x.y...{........................................................................................... ...).).........0.3...5.5...:.:...<.?...A.C...K.K...M.M...Q.Q...S.T...[.[...].]...j.k...p.q...............%.%...).D...G.I...U.V...Z.b...d.u...x.z.......................................................................................P.P...i.............................................................`...c.............................................................!...#

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-BoldItalic.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 34 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInterBold Italic4.000;git-a52131595;RSMS;Inter-BoldItali
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):420068
                                                                                                                                                                                                          Entropy (8bit):6.194498558176303
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:12288:xg28OmWqgaGeWLF7k/oONd1P+yyZQl/xFiwRi98:SZG17k/oOX1PXyqCwRi98
                                                                                                                                                                                                          MD5:C4C47E3D7ED51A6BB67B7B8088A4B0E3
                                                                                                                                                                                                          SHA1:B190F4E4E8F838C46FFE9507D966EA4D8B37D8CE
                                                                                                                                                                                                          SHA-256:5E606F805A71432D4875DE7DAB737BF9DEA1187090F0A5190DA9B1BBAB09F57C
                                                                                                                                                                                                          SHA-512:B4251618479C52398CA71CFC61AD88230A14145771EF1085AB9288486D7BFC841F0EA222909F8BA6882DB6076DF26BFE37E1C23917569270C86D6E7ADEE7CF13
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEFj.`i........GPOSU..F......IFGSUB*|.@..NP..[.OS/2 ......@...`cmap^.........d.cvt L.....X....&fpgmb/....Y.....gasp......X.....glyf.L.K...0..i.head0....x....6hhea......y....$hmtx...T..y<..-$loca..OH...`..-(maxp.D........ name..........bpostz.........}.prepldhL..g..............................................................*...,.....................................;...>.H...J.X...[.]..._.`...b.y...{............................................................./...1.1...3.7...9.R...T.T...V.W...Y.Z...\.c...e.|...~............................................................................................................. ...".$...,.,.........2.2...4.5...<.<...>.>...K.L...Q.R.......................%...(.*...6.7...;.C...E.V...Y.[...g.h...m.n...q.s...........................................................................1.1...J.d...f.g...n.n...p.p.........................................A...D....................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-ExtraBold.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 39 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInter ExtraBoldRegular4.000;git-a52131595;RSMS;Inter-Ext
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):416228
                                                                                                                                                                                                          Entropy (8bit):6.155971405270021
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6144:3VpTx/VCC2wfBsJWPziKSQVE58IqsfnHGR4tGX5/2nHTAl84RSnj3k4yhT18:3Vp+C2wfBDPziK+4suO49lfR98
                                                                                                                                                                                                          MD5:5061BD7701B1B3339F0C80E69A2136E4
                                                                                                                                                                                                          SHA1:4A028F1FA4DBD6B4BFBFEEC4A5B5E222A005B563
                                                                                                                                                                                                          SHA-256:3C13487B8F2EBA0A78CAD4CEFD19272B0F4E53D61C223E6B266DDF0B332E9F1C
                                                                                                                                                                                                          SHA-512:65875F9F205CD70D2E1B86FBDA2AC8875637E0B3E0BB37ADE9DA20717B0F17D2108A0CF2AA1B246AFFD73BEA233B510D37D13193801D94E5148D3EC4159653DC
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEF.m.v........GPOSB...... ..KzGSUB..B..P...]@OS/2 |.........`cmapL......<..d.cvt NY....I....&fpgmb/....J.....gasp......I.....glyf.B....$..S(head0R...fL...6hhea...X..f....$hmtx:4.7..f...-.loca.>b....`..-.maxp.t......... name(.2X...<....post}.....4...xprepldhL..X..............................................................I...K...........................................J...L.Z...].f...i.w...z.|...~.................................................(...*.,.../.0...2.5...8.;...=.N...P.P...R.V...X.q...s.s...u.v...x.y...{........................................................................................... ...).).........0.3...5.5...:.:...<.?...A.C...K.K...M.M...Q.Q...S.T...[.[...].]...j.k...p.q...............%.%...).D...G.I...U.V...Z.b...d.u...x.z.......................................................................................P.P...i.............................................................`...c.............................................................!...#

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-ExtraBoldItalic.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 38 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInter ExtraBoldItalic4.000;git-a52131595;RSMS;Inter-Extr
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):422904
                                                                                                                                                                                                          Entropy (8bit):6.1847822896243585
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:12288:EMPffL+f3H4g6WqgDVHqLhDj+359q7z8O8:1khq9Dj+3vrO8
                                                                                                                                                                                                          MD5:CDEF819CDB20F81FEB8A2ABDEBE9CDA0
                                                                                                                                                                                                          SHA1:EB61A79464DE3932A2D892BF50AD0270BE5791E2
                                                                                                                                                                                                          SHA-256:6A2CF89B061033C76C3CD7451113F3D8D29CE2C2E80B273FD60F9474E3927CBC
                                                                                                                                                                                                          SHA-512:04DE3B444603887E130870DC9FFF2F6798D737EA77A376C0A6D62C9114709F7891C95FA1BDDAB70FF055EBF127C6584CAECC594659F2E8596E72DA9D62D625E5
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEFj.`i........GPOS..\>......I(GSUB*|.@..N0..[.OS/2 }..... ...`cmap^.........d.cvt N:....c....&fpgmb/....d.....gasp......c.....glyf..........t8head0h....H...6hhea...x.......$hmtx.)........-$loca..MD......-(maxp.D......... name+i1.........postz...... ..}.prepldhL..r..............................................................*...,.....................................;...>.H...J.X...[.]..._.`...b.y...{............................................................./...1.1...3.7...9.R...T.T...V.W...Y.Z...\.c...e.|...~............................................................................................................. ...".$...,.,.........2.2...4.5...<.<...>.>...K.L...Q.R.......................%...(.*...6.7...;.C...E.V...Y.[...g.h...m.n...q.s...........................................................................1.1...J.d...f.g...n.n...p.p.........................................A...D....................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-ExtraLight.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 39 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInter ExtraLightRegular4.000;git-a52131595;RSMS;Inter-Ex
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):409996
                                                                                                                                                                                                          Entropy (8bit):6.169466966393304
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:12288:XmzU22mZrPziKScOkpPSb+sv9wKKpuLpuSZAoM8:yiKcFyKK9SZ7M8
                                                                                                                                                                                                          MD5:B7E44012C53F3BCBF154C7C4784FCC14
                                                                                                                                                                                                          SHA1:101ABFE1C234D9E29504A55C7B5911F7E20E9425
                                                                                                                                                                                                          SHA-256:944F65A7C6CDA135C370559E9D7347BFDD45A579FE4DD1EF8BA5BC679BCD961D
                                                                                                                                                                                                          SHA-512:67808D6BDAFE9BCF5576DF234C93611BC827D868DD9F0D064E801DDA5EFE67883637746458B3A0E51B4B394913C3AC47F56C5C055B3FF013ABEBB66EC9A7716F
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEF.m.v........GPOS{...... ..<^GSUB..B..A...]@OS/2.$.........`cmapL...... ..d.cvt D.....1\...&fpgmb/....2.....gasp......1T....glyf.I........I.head1....M....6hhea......N ...$hmtx......ND..-.loca.M.x..{...-.maxp.t......... name+.3.........post}F.........xprepldhL..@..............................................................I...K...........................................J...L.Z...].f...i.w...z.|...~.................................................(...*.,.../.0...2.5...8.;...=.N...P.P...R.V...X.q...s.s...u.v...x.y...{........................................................................................... ...).).........0.3...5.5...:.:...<.?...A.C...K.K...M.M...Q.Q...S.T...[.[...].]...j.k...p.q...............%.%...).D...G.I...U.V...Z.b...d.u...x.z.......................................................................................P.P...i.............................................................`...c.............................................................!...#

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-ExtraLightItalic.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 38 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInter ExtraLightItalic4.000;git-a52131595;RSMS;Inter-Ext
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):415636
                                                                                                                                                                                                          Entropy (8bit):6.1951511440882685
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:6144:327hgoK+yjo8AiWXWqSBCVUWR2kg4yODRVP8UPLumxDaAan+LHvKLMQyaInxFfmo:323K+tiqWqg3FkgdW3xDayLi78
                                                                                                                                                                                                          MD5:9E18D79ED628E74CA5E2EE3BFD6446BD
                                                                                                                                                                                                          SHA1:BF763C5CC7C91BFEC5E8E42499CA20AEF4C8B942
                                                                                                                                                                                                          SHA-256:BB5488DEFD018CF6CEA85B431A40991F0AB8939C39025E835E809160DCD912A6
                                                                                                                                                                                                          SHA-512:35A128E169D7CBC551C0337D78996E2061F8165E1B61870634A1EE6715199507F5FA140177C8A821401EAA765FC16FCC73E0180A21004803F6FC69EF512737F3
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEFj.`i........GPOS>.uG......:.GSUB*|.@..?...[.OS/2.%.........`cmap^......D..d.cvt D.....Gd...&fpgmb/....H.....gasp......G\....glyf*#:]......f.head1....f....6hhea.w....g....$hmtxe2.{..g4..-$loca...d...X..-(maxp.D......... name-.3z........postz[.<.....}.prepldhL..V..............................................................*...,.....................................;...>.H...J.X...[.]..._.`...b.y...{............................................................./...1.1...3.7...9.R...T.T...V.W...Y.Z...\.c...e.|...~............................................................................................................. ...".$...,.,.........2.2...4.5...<.<...>.>...K.L...Q.R.......................%...(.*...6.7...;.C...E.V...Y.[...g.h...m.n...q.s...........................................................................1.1...J.d...f.g...n.n...p.p.........................................A...D....................................................................................

                                                                                                                                                                                                          C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\fonts\Inter-Italic.ttf

                                                                                                                                                                                                          Download File
                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          File Type:TrueType Font data, 17 tables, 1st "GDEF", 34 names, Microsoft, language 0x409, Copyright 2016 The Inter Project AuthorsInterItalic4.000;git-a52131595;RSMS;Inter-ItalicInter It
                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                          Size (bytes):412848
                                                                                                                                                                                                          Entropy (8bit):6.2017904291058406
                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                          SSDEEP:12288:C2vSKsOi+1iqWqgfYs0S2S7vWAlcBJPH8:1PqIS2S7v3lcB98
                                                                                                                                                                                                          MD5:118ABBE34A2979B66D6838805C56B7CD
                                                                                                                                                                                                          SHA1:7F320CB81660FC6DFF9CC5751F8FCC0134847C77
                                                                                                                                                                                                          SHA-256:D054D998AE12BE33820B100E0ED3923D513FA5C79C6D4E7CA1953AFEB262EA9B
                                                                                                                                                                                                          SHA-512:5BCAD4A03CED2CE76C5EBF78CD2C1328A4EE27019807F56A48BF8A0F936C57F351F10726C176952F0CF08776A5CE53D34C14D6A848925BE2789408A61678F381
                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                          Preview:............GDEFj.`i........GPOS.}.......7.GSUB*|.@..<...[.OS/2.........`cmap^.........d.cvt H.6..<....&fpgmb/....=.....gasp......<x....glyf........._Lhead0..i..\....6hhea.?....]....$hmtxF)...],..-$loca.k6....P..-(maxp.D.....x... name...........>postzz.{......}.prepldhL..K..............................................................*...,.....................................;...>.H...J.X...[.]..._.`...b.y...{............................................................./...1.1...3.7...9.R...T.T...V.W...Y.Z...\.c...e.|...~............................................................................................................. ...".$...,.,.........2.2...4.5...<.<...>.>...K.L...Q.R.......................%...(.*...6.7...;.C...E.V...Y.[...g.h...m.n...q.s...........................................................................1.1...J.d...f.g...n.n...p.p.........................................A...D....................................................................................

                                                                                                                                                                                                          Static File Info

                                                                                                                                                                                                          General

                                                                                                                                                                                                          File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                          Entropy (8bit):7.609503436410413
                                                                                                                                                                                                          TrID:
                                                                                                                                                                                                          • Win32 Executable (generic) a (10002005/4) 98.04%
                                                                                                                                                                                                          • Inno Setup installer (109748/4) 1.08%
                                                                                                                                                                                                          • InstallShield setup (43055/19) 0.42%
                                                                                                                                                                                                          • Win32 EXE PECompact compressed (generic) (41571/9) 0.41%
                                                                                                                                                                                                          • Win16/32 Executable Delphi generic (2074/23) 0.02%
                                                                                                                                                                                                          File name:SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe
                                                                                                                                                                                                          File size:2'182'176 bytes
                                                                                                                                                                                                          MD5:dbb69ee00786bed3e12a04518e0f469a
                                                                                                                                                                                                          SHA1:40a82d88b06e6be8ba82fab34b4a29305466202a
                                                                                                                                                                                                          SHA256:dbc32537a29f5eba5406aa3f2ae409eb52ea904e76c19a74bfb480a8c8c63d69
                                                                                                                                                                                                          SHA512:e367614faeebe4af063634b911c3591c7c5b0e8c07a843753d809ce27c050b298ec5d1777ab2aa7c194810a45e4788ea98e93bf5b053beb375f8cc5a65cbcfae
                                                                                                                                                                                                          SSDEEP:24576:Y7FUDowAyrTVE3U5F/E3dwMzD3mseUwgjvKwX901alI4qKxKic6QL3E2vVsjECUG:YBuZrEU8FTleUTKae2KIy029s4C1eH92
                                                                                                                                                                                                          TLSH:4CA5DF3FF268A13EC5AA1B3205B39310997BBA51A81A8C1F47FC344DCF765601E3B656
                                                                                                                                                                                                          File Content Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7.......................................................................................................................................

                                                                                                                                                                                                          File Icon

                                                                                                                                                                                                          Icon Hash:0c0c2d33ceec80aa

                                                                                                                                                                                                          Static PE Info

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Entrypoint:0x4b5eec
                                                                                                                                                                                                          Entrypoint Section:.itext
                                                                                                                                                                                                          Digitally signed:true
                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                          Subsystem:windows gui
                                                                                                                                                                                                          Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
                                                                                                                                                                                                          DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                          Time Stamp:0x63ECF218 [Wed Feb 15 14:54:16 2023 UTC]
                                                                                                                                                                                                          TLS Callbacks:
                                                                                                                                                                                                          CLR (.Net) Version:
                                                                                                                                                                                                          OS Version Major:6
                                                                                                                                                                                                          OS Version Minor:1
                                                                                                                                                                                                          File Version Major:6
                                                                                                                                                                                                          File Version Minor:1
                                                                                                                                                                                                          Subsystem Version Major:6
                                                                                                                                                                                                          Subsystem Version Minor:1
                                                                                                                                                                                                          Import Hash:e569e6f445d32ba23766ad67d1e3787f

                                                                                                                                                                                                          Authenticode Signature

                                                                                                                                                                                                          Signature Valid:true
                                                                                                                                                                                                          Signature Issuer:CN=GlobalSign GCC R45 CodeSigning CA 2020, O=GlobalSign nv-sa, C=BE
                                                                                                                                                                                                          Signature Validation Error:The operation completed successfully
                                                                                                                                                                                                          Error Number:0
                                                                                                                                                                                                          Not Before, Not After
                                                                                                                                                                                                          • 22/09/2023 15:18:31 03/12/2024 14:05:00
                                                                                                                                                                                                          Subject Chain
                                                                                                                                                                                                          • CN=OOO NBZ, O=OOO NBZ, L=Saint Petersburg, S=Saint Petersburg, C=RU
                                                                                                                                                                                                          Version:3
                                                                                                                                                                                                          Thumbprint MD5:644D93EB2A924788DC9F5A261B15A128
                                                                                                                                                                                                          Thumbprint SHA-1:8FF463CEC205068C449EBE08BC5EADB1E8BEF78D
                                                                                                                                                                                                          Thumbprint SHA-256:A0C6E99ECA1E36FBCEE4434A33A8862414BE13C68E7464DAE8CB84914EEF564E
                                                                                                                                                                                                          Serial:01181B5DC7EF7467C6035C60

                                                                                                                                                                                                          Entrypoint Preview

                                                                                                                                                                                                          Instruction
                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                          mov ebp, esp
                                                                                                                                                                                                          add esp, FFFFFFA4h
                                                                                                                                                                                                          push ebx
                                                                                                                                                                                                          push esi
                                                                                                                                                                                                          push edi
                                                                                                                                                                                                          xor eax, eax
                                                                                                                                                                                                          mov dword ptr [ebp-3Ch], eax
                                                                                                                                                                                                          mov dword ptr [ebp-40h], eax
                                                                                                                                                                                                          mov dword ptr [ebp-5Ch], eax
                                                                                                                                                                                                          mov dword ptr [ebp-30h], eax
                                                                                                                                                                                                          mov dword ptr [ebp-38h], eax
                                                                                                                                                                                                          mov dword ptr [ebp-34h], eax
                                                                                                                                                                                                          mov dword ptr [ebp-2Ch], eax
                                                                                                                                                                                                          mov dword ptr [ebp-28h], eax
                                                                                                                                                                                                          mov dword ptr [ebp-14h], eax
                                                                                                                                                                                                          mov eax, 004B14B8h
                                                                                                                                                                                                          call 00007F16BC7F50F5h
                                                                                                                                                                                                          xor eax, eax
                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                          push 004B65E2h
                                                                                                                                                                                                          push dword ptr fs:[eax]
                                                                                                                                                                                                          mov dword ptr fs:[eax], esp
                                                                                                                                                                                                          xor edx, edx
                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                          push 004B659Eh
                                                                                                                                                                                                          push dword ptr fs:[edx]
                                                                                                                                                                                                          mov dword ptr fs:[edx], esp
                                                                                                                                                                                                          mov eax, dword ptr [004BE634h]
                                                                                                                                                                                                          call 00007F16BC897BE7h
                                                                                                                                                                                                          call 00007F16BC89773Ah
                                                                                                                                                                                                          lea edx, dword ptr [ebp-14h]
                                                                                                                                                                                                          xor eax, eax
                                                                                                                                                                                                          call 00007F16BC80AB94h
                                                                                                                                                                                                          mov edx, dword ptr [ebp-14h]
                                                                                                                                                                                                          mov eax, 004C1D84h
                                                                                                                                                                                                          call 00007F16BC7EFCE7h
                                                                                                                                                                                                          push 00000002h
                                                                                                                                                                                                          push 00000000h
                                                                                                                                                                                                          push 00000001h
                                                                                                                                                                                                          mov ecx, dword ptr [004C1D84h]
                                                                                                                                                                                                          mov dl, 01h
                                                                                                                                                                                                          mov eax, dword ptr [004238ECh]
                                                                                                                                                                                                          call 00007F16BC80BD17h
                                                                                                                                                                                                          mov dword ptr [004C1D88h], eax
                                                                                                                                                                                                          xor edx, edx
                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                          push 004B654Ah
                                                                                                                                                                                                          push dword ptr fs:[edx]
                                                                                                                                                                                                          mov dword ptr fs:[edx], esp
                                                                                                                                                                                                          call 00007F16BC897C6Fh
                                                                                                                                                                                                          mov dword ptr [004C1D90h], eax
                                                                                                                                                                                                          mov eax, dword ptr [004C1D90h]
                                                                                                                                                                                                          cmp dword ptr [eax+0Ch], 01h
                                                                                                                                                                                                          jne 00007F16BC89DE8Ah
                                                                                                                                                                                                          mov eax, dword ptr [004C1D90h]
                                                                                                                                                                                                          mov edx, 00000028h
                                                                                                                                                                                                          call 00007F16BC80C60Ch
                                                                                                                                                                                                          mov edx, dword ptr [004C1D90h]

                                                                                                                                                                                                          Data Directories

                                                                                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0xc40000x9a.edata
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0xc20000xfdc.idata
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0xc70000x11000.rsrc
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x2109000x4320
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0xc60000x18.rdata
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0xc22f40x254.idata
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0xc30000x1a4.didata
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                          Sections

                                                                                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                          .text0x10000xb39e40xb3a0043af0a9476ca224d8e8461f1e22c94daFalse0.34525867693110646data6.357635049994181IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                          .itext0xb50000x16880x1800185e04b9a1f554e31f7f848515dc890cFalse0.54443359375data5.971425428435973IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                          .data0xb70000x37a40x3800cab2107c933b696aa5cf0cc6c3fd3980False0.36097935267857145data5.048648594372454IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                          .bss0xbb0000x6de80x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                          .idata0xc20000xfdc0x1000e7d1635e2624b124cfdce6c360ac21cdFalse0.3798828125data5.029087481102678IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                          .didata0xc30000x1a40x2008ced971d8a7705c98b173e255d8c9aa7False0.345703125data2.7509822285969876IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                          .edata0xc40000x9a0x2008d4e1e508031afe235bf121c80fd7d5fFalse0.2578125data1.877162954504408IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                          .tls0xc50000x180x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                          .rdata0xc60000x5d0x2008f2f090acd9622c88a6a852e72f94e96False0.189453125data1.3838943752217987IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                          .rsrc0xc70000x110000x110007f89b554871894884a2a46b5f7d43d5aFalse0.18597771139705882data3.6934546558404633IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                          Resources

                                                                                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                          RT_ICON0xc76780xa68Device independent bitmap graphic, 64 x 128 x 4, image size 2048EnglishUnited States0.1174924924924925
                                                                                                                                                                                                          RT_ICON0xc80e00x668Device independent bitmap graphic, 48 x 96 x 4, image size 1152EnglishUnited States0.15792682926829268
                                                                                                                                                                                                          RT_ICON0xc87480x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 512EnglishUnited States0.23387096774193547
                                                                                                                                                                                                          RT_ICON0xc8a300x128Device independent bitmap graphic, 16 x 32 x 4, image size 128EnglishUnited States0.39864864864864863
                                                                                                                                                                                                          RT_ICON0xc8b580x1628Device independent bitmap graphic, 64 x 128 x 8, image size 4096, 256 important colorsEnglishUnited States0.08339210155148095
                                                                                                                                                                                                          RT_ICON0xca1800xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colorsEnglishUnited States0.1023454157782516
                                                                                                                                                                                                          RT_ICON0xcb0280x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsEnglishUnited States0.10649819494584838
                                                                                                                                                                                                          RT_ICON0xcb8d00x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsEnglishUnited States0.10838150289017341
                                                                                                                                                                                                          RT_ICON0xcbe380x12e5PNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States0.8712011577424024
                                                                                                                                                                                                          RT_ICON0xcd1200x4228Device independent bitmap graphic, 64 x 128 x 32, image size 16896EnglishUnited States0.05668398677373642
                                                                                                                                                                                                          RT_ICON0xd13480x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600EnglishUnited States0.08475103734439834
                                                                                                                                                                                                          RT_ICON0xd38f00x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224EnglishUnited States0.09920262664165103
                                                                                                                                                                                                          RT_ICON0xd49980x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088EnglishUnited States0.2047872340425532
                                                                                                                                                                                                          RT_STRING0xd4e000x360data0.34375
                                                                                                                                                                                                          RT_STRING0xd51600x260data0.3256578947368421
                                                                                                                                                                                                          RT_STRING0xd53c00x45cdata0.4068100358422939
                                                                                                                                                                                                          RT_STRING0xd581c0x40cdata0.3754826254826255
                                                                                                                                                                                                          RT_STRING0xd5c280x2d4data0.39226519337016574
                                                                                                                                                                                                          RT_STRING0xd5efc0xb8data0.6467391304347826
                                                                                                                                                                                                          RT_STRING0xd5fb40x9cdata0.6410256410256411
                                                                                                                                                                                                          RT_STRING0xd60500x374data0.4230769230769231
                                                                                                                                                                                                          RT_STRING0xd63c40x398data0.3358695652173913
                                                                                                                                                                                                          RT_STRING0xd675c0x368data0.3795871559633027
                                                                                                                                                                                                          RT_STRING0xd6ac40x2a4data0.4275147928994083
                                                                                                                                                                                                          RT_RCDATA0xd6d680x10data1.5
                                                                                                                                                                                                          RT_RCDATA0xd6d780x2c4data0.6384180790960452
                                                                                                                                                                                                          RT_RCDATA0xd703c0x2cdata1.2045454545454546
                                                                                                                                                                                                          RT_GROUP_ICON0xd70680xbcdataEnglishUnited States0.6170212765957447
                                                                                                                                                                                                          RT_VERSION0xd71240x584dataEnglishUnited States0.26345609065155806
                                                                                                                                                                                                          RT_MANIFEST0xd76a80x7a8XML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.3377551020408163

                                                                                                                                                                                                          Imports

                                                                                                                                                                                                          DLLImport
                                                                                                                                                                                                          kernel32.dllGetACP, GetExitCodeProcess, LocalFree, CloseHandle, SizeofResource, VirtualProtect, VirtualFree, GetFullPathNameW, ExitProcess, HeapAlloc, GetCPInfoExW, RtlUnwind, GetCPInfo, GetStdHandle, GetModuleHandleW, FreeLibrary, HeapDestroy, ReadFile, CreateProcessW, GetLastError, GetModuleFileNameW, SetLastError, FindResourceW, CreateThread, CompareStringW, LoadLibraryA, ResetEvent, GetVersion, RaiseException, FormatMessageW, SwitchToThread, GetExitCodeThread, GetCurrentThread, LoadLibraryExW, LockResource, GetCurrentThreadId, UnhandledExceptionFilter, VirtualQuery, VirtualQueryEx, Sleep, EnterCriticalSection, SetFilePointer, LoadResource, SuspendThread, GetTickCount, GetFileSize, GetStartupInfoW, GetFileAttributesW, InitializeCriticalSection, GetSystemWindowsDirectoryW, GetThreadPriority, SetThreadPriority, GetCurrentProcess, VirtualAlloc, GetSystemInfo, GetCommandLineW, LeaveCriticalSection, GetProcAddress, ResumeThread, GetVersionExW, VerifyVersionInfoW, HeapCreate, GetWindowsDirectoryW, VerSetConditionMask, GetDiskFreeSpaceW, FindFirstFileW, GetUserDefaultUILanguage, lstrlenW, QueryPerformanceCounter, SetEndOfFile, HeapFree, WideCharToMultiByte, FindClose, MultiByteToWideChar, LoadLibraryW, SetEvent, CreateFileW, GetLocaleInfoW, GetSystemDirectoryW, DeleteFileW, GetLocalTime, GetEnvironmentVariableW, WaitForSingleObject, WriteFile, ExitThread, DeleteCriticalSection, TlsGetValue, GetDateFormatW, SetErrorMode, IsValidLocale, TlsSetValue, CreateDirectoryW, GetSystemDefaultUILanguage, EnumCalendarInfoW, LocalAlloc, GetUserDefaultLangID, RemoveDirectoryW, CreateEventW, SetThreadLocale, GetThreadLocale
                                                                                                                                                                                                          comctl32.dllInitCommonControls
                                                                                                                                                                                                          version.dllGetFileVersionInfoSizeW, VerQueryValueW, GetFileVersionInfoW
                                                                                                                                                                                                          user32.dllCreateWindowExW, TranslateMessage, CharLowerBuffW, CallWindowProcW, CharUpperW, PeekMessageW, GetSystemMetrics, SetWindowLongW, MessageBoxW, DestroyWindow, CharUpperBuffW, CharNextW, MsgWaitForMultipleObjects, LoadStringW, ExitWindowsEx, DispatchMessageW
                                                                                                                                                                                                          oleaut32.dllSysAllocStringLen, SafeArrayPtrOfIndex, VariantCopy, SafeArrayGetLBound, SafeArrayGetUBound, VariantInit, VariantClear, SysFreeString, SysReAllocStringLen, VariantChangeType, SafeArrayCreate
                                                                                                                                                                                                          netapi32.dllNetWkstaGetInfo, NetApiBufferFree
                                                                                                                                                                                                          advapi32.dllConvertStringSecurityDescriptorToSecurityDescriptorW, RegQueryValueExW, AdjustTokenPrivileges, GetTokenInformation, ConvertSidToStringSidW, LookupPrivilegeValueW, RegCloseKey, OpenProcessToken, RegOpenKeyExW

                                                                                                                                                                                                          Exports

                                                                                                                                                                                                          NameOrdinalAddress
                                                                                                                                                                                                          TMethodImplementationIntercept30x4541a8
                                                                                                                                                                                                          __dbk_fcall_wrapper20x40d0a0
                                                                                                                                                                                                          dbkFCallWrapperAddr10x4be63c

                                                                                                                                                                                                          Possible Origin

                                                                                                                                                                                                          Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                          EnglishUnited States

                                                                                                                                                                                                          Network Behavior

                                                                                                                                                                                                          Skipped network analysis since the amount of network traffic is too extensive. Please download the PCAP and check manually.

                                                                                                                                                                                                          Statistics

                                                                                                                                                                                                          Behavior

                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                          System Behavior

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:0
                                                                                                                                                                                                          Start time:19:18:48
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe"
                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                          File size:2'182'176 bytes
                                                                                                                                                                                                          MD5 hash:DBB69EE00786BED3E12A04518E0F469A
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:Borland Delphi
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:1
                                                                                                                                                                                                          Start time:19:18:48
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\is-TG3DC.tmp\SecuriteInfo.com.Adware.Elemental.22.28512.27778.tmp" /SL5="$1043A,1055917,832512,C:\Users\user\Desktop\SecuriteInfo.com.Adware.Elemental.22.28512.27778.exe"
                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                          File size:3'199'488 bytes
                                                                                                                                                                                                          MD5 hash:668D5368DEF8B65631C43EECBD50EA48
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:Borland Delphi
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:3
                                                                                                                                                                                                          Start time:19:18:57
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --silent --allusers=0
                                                                                                                                                                                                          Imagebase:0x130000
                                                                                                                                                                                                          File size:3'581'600 bytes
                                                                                                                                                                                                          MD5 hash:3C5239C753641E08EA3C2080FBFD5D51
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:4
                                                                                                                                                                                                          Start time:19:18:57
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x2f0,0x6bb4623c,0x6bb46248,0x6bb46254
                                                                                                                                                                                                          Imagebase:0x130000
                                                                                                                                                                                                          File size:3'581'600 bytes
                                                                                                                                                                                                          MD5 hash:3C5239C753641E08EA3C2080FBFD5D51
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:5
                                                                                                                                                                                                          Start time:19:18:58
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version
                                                                                                                                                                                                          Imagebase:0x970000
                                                                                                                                                                                                          File size:3'581'600 bytes
                                                                                                                                                                                                          MD5 hash:3C5239C753641E08EA3C2080FBFD5D51
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:6
                                                                                                                                                                                                          Start time:19:18:58
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=1396 --package-dir-prefix="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20240329191858" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=7005000000000000
                                                                                                                                                                                                          Imagebase:0x130000
                                                                                                                                                                                                          File size:3'581'600 bytes
                                                                                                                                                                                                          MD5 hash:3C5239C753641E08EA3C2080FBFD5D51
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:7
                                                                                                                                                                                                          Start time:19:18:58
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:C:\Users\user\AppData\Local\Temp\is-NM93K.tmp\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x308,0x30c,0x310,0x2d8,0x314,0x6aeb623c,0x6aeb6248,0x6aeb6254
                                                                                                                                                                                                          Imagebase:0x130000
                                                                                                                                                                                                          File size:3'581'600 bytes
                                                                                                                                                                                                          MD5 hash:3C5239C753641E08EA3C2080FBFD5D51
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:9
                                                                                                                                                                                                          Start time:19:19:19
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                          File size:1'499'104 bytes
                                                                                                                                                                                                          MD5 hash:E9A2209B61F4BE34F25069A6E54AFFEA
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:10
                                                                                                                                                                                                          Start time:19:19:20
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --version
                                                                                                                                                                                                          Imagebase:0xc00000
                                                                                                                                                                                                          File size:1'853'592 bytes
                                                                                                                                                                                                          MD5 hash:4C8FBED0044DA34AD25F781C3D117A66
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:11
                                                                                                                                                                                                          Start time:19:19:20
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0xdb4f48,0xdb4f58,0xdb4f64
                                                                                                                                                                                                          Imagebase:0xc00000
                                                                                                                                                                                                          File size:1'853'592 bytes
                                                                                                                                                                                                          MD5 hash:4C8FBED0044DA34AD25F781C3D117A66
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:13
                                                                                                                                                                                                          Start time:19:19:54
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --backend --initial-pid=1396 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\user\AppData\Local\Programs\Opera GX" --profile-folder --language=en-GB --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --package-dir="C:\Users\user\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202403291918581" --session-guid=8ddbc8bc-ca9a-4c2b-a001-468713504759 --server-tracking-blob=NGFjMjBjZGM2OTE2N2RiNmJlYjJmY2M2YTBmZDdmMDY4ZjE3N2Y3OWFjNmExN2RhOTU2NGUyNWUyOTFkYjhlNjp7ImNvdW50cnkiOiJVUyIsImVkaXRpb24iOiJzdGQtMSIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0xP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNF8zNzQyJnV0bV9pZD04MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCZ1dG1fY29udGVudD0zNzQyX3NldHVwaW8iLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTE3MzYzMzYuNTM0NCIsInVzZXJhZ2VudCI6Iklubm8gU2V0dXAgNi4yLjIiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fVVNfUEI0XzM3NDIiLCJjb250ZW50IjoiMzc0Ml9zZXR1cGlvIiwiaWQiOiI4MDVjOTQ2ZWM3YzU0NjgwYjM3ZjU4MmQ1OGRlMTgzMCIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImFiN2E4MGUwLWY1MjItNDZjMy1iYzdlLWQxNzkzYjIwNDhlMiJ9 --silent --desktopshortcut=1 --install-subfolder=107.0.5045.79
                                                                                                                                                                                                          Imagebase:0x7ff65f4a0000
                                                                                                                                                                                                          File size:6'949'792 bytes
                                                                                                                                                                                                          MD5 hash:21AD4599ABD2E158DB5128F32D3CC4EE
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                          • Detection: 0%, ReversingLabs
                                                                                                                                                                                                          • Detection: 0%, Virustotal, Browse
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:14
                                                                                                                                                                                                          Start time:19:19:55
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2a4,0x2d4,0x7ff8a8dad180,0x7ff8a8dad18c,0x7ff8a8dad198
                                                                                                                                                                                                          Imagebase:0x7ff65f4a0000
                                                                                                                                                                                                          File size:6'949'792 bytes
                                                                                                                                                                                                          MD5 hash:21AD4599ABD2E158DB5128F32D3CC4EE
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:17
                                                                                                                                                                                                          Start time:19:20:02
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Windows\explorer.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:C:\Windows\Explorer.EXE
                                                                                                                                                                                                          Imagebase:0x7ff674740000
                                                                                                                                                                                                          File size:5'141'208 bytes
                                                                                                                                                                                                          MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:18
                                                                                                                                                                                                          Start time:19:20:03
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe" --start-maximized
                                                                                                                                                                                                          Imagebase:0x7ff738410000
                                                                                                                                                                                                          File size:2'304'416 bytes
                                                                                                                                                                                                          MD5 hash:D737A64C835D918DBE53B2C7724488FF
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:19
                                                                                                                                                                                                          Start time:19:20:04
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe" --scheduledautoupdate 0
                                                                                                                                                                                                          Imagebase:0x7ff738410000
                                                                                                                                                                                                          File size:2'304'416 bytes
                                                                                                                                                                                                          MD5 hash:D737A64C835D918DBE53B2C7724488FF
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:20
                                                                                                                                                                                                          Start time:19:20:05
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_gx_splash.exe" --instance-name=a7abe095bcfd6dc868442c2e858a30d1
                                                                                                                                                                                                          Imagebase:0x7ff7f8560000
                                                                                                                                                                                                          File size:2'231'200 bytes
                                                                                                                                                                                                          MD5 hash:706FE814240C22A6CB09FBF48CB86020
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:21
                                                                                                                                                                                                          Start time:19:20:05
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:22
                                                                                                                                                                                                          Start time:19:20:06
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x284,0x288,0x28c,0x280,0x290,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
                                                                                                                                                                                                          Imagebase:0x7ff6d5ad0000
                                                                                                                                                                                                          File size:2'019'744 bytes
                                                                                                                                                                                                          MD5 hash:26DF88B2E68E23B60C0EEAB3E29496BB
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:23
                                                                                                                                                                                                          Start time:19:20:06
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B\installer.exe" --version
                                                                                                                                                                                                          Imagebase:0x7ff69c7c0000
                                                                                                                                                                                                          File size:6'949'792 bytes
                                                                                                                                                                                                          MD5 hash:21AD4599ABD2E158DB5128F32D3CC4EE
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:24
                                                                                                                                                                                                          Start time:19:20:07
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --start-maximized --ran-launcher --instance-name=a7abe095bcfd6dc868442c2e858a30d1 --splash-handle=1040 --lowered-browser
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:26
                                                                                                                                                                                                          Start time:19:20:08
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7ff8a6189628,0x7ff8a6189638,0x7ff8a6189648
                                                                                                                                                                                                          Imagebase:0x7ff6d5ad0000
                                                                                                                                                                                                          File size:2'019'744 bytes
                                                                                                                                                                                                          MD5 hash:26DF88B2E68E23B60C0EEAB3E29496BB
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:28
                                                                                                                                                                                                          Start time:19:20:09
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1848 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:2
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:29
                                                                                                                                                                                                          Start time:19:20:10
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --pipeid=oauc_task_piped42b87436846297e467003cba27fe2f4 --version=107.0.5045.79 --producttype --requesttype=automatic --downloaddir="C:\Users\user\AppData\Local\Temp\.opera\0EA40E5AB06B" --installationdatadir="C:\Users\user\AppData\Local\Programs\Opera GX" --operadir="C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79" --installdir="C:\Users\user\AppData\Local\Programs\Opera GX" --user-data-dir="C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" --nometrics --scheduledtask
                                                                                                                                                                                                          Imagebase:0x7ff6e8050000
                                                                                                                                                                                                          File size:5'751'712 bytes
                                                                                                                                                                                                          MD5 hash:6026F4719045033EFD7EC6127ED6370C
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                          • Detection: 0%, ReversingLabs
                                                                                                                                                                                                          • Detection: 0%, Virustotal, Browse
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:30
                                                                                                                                                                                                          Start time:19:20:10
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --enable-quic --no-appcompat-clear --start-stack-profiler --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=1972 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:31
                                                                                                                                                                                                          Start time:19:20:10
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=2776 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:32
                                                                                                                                                                                                          Start time:19:20:11
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3216 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:33
                                                                                                                                                                                                          Start time:19:20:12
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\107.0.5045.79\opera_autoupdate.exe" --type=crashpad-handler "--user-data-dir=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktopGX --annotation=ver=107.0.5045.79 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6e85938fc,0x7ff6e8593908,0x7ff6e8593918
                                                                                                                                                                                                          Imagebase:0x7ff6e8050000
                                                                                                                                                                                                          File size:5'751'712 bytes
                                                                                                                                                                                                          MD5 hash:6026F4719045033EFD7EC6127ED6370C
                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:35
                                                                                                                                                                                                          Start time:19:20:12
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=3356 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:36
                                                                                                                                                                                                          Start time:19:20:13
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exe"
                                                                                                                                                                                                          Imagebase:0x20000
                                                                                                                                                                                                          File size:140'800 bytes
                                                                                                                                                                                                          MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:37
                                                                                                                                                                                                          Start time:19:20:16
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4364 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:38
                                                                                                                                                                                                          Start time:19:20:17
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exe
                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\iVbaHhMGgjRPQdstHmqQTgkbxiYBLxBpyzsEuAKAsKqyZeBOViMTYbkOnfuIVKzSyxpCQrvLHujso\koksDTqWjvmuJdFhyPGiECl.exe"
                                                                                                                                                                                                          Imagebase:0x20000
                                                                                                                                                                                                          File size:140'800 bytes
                                                                                                                                                                                                          MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                          General

                                                                                                                                                                                                          Target ID:39
                                                                                                                                                                                                          Start time:19:20:17
                                                                                                                                                                                                          Start date:29/03/2024
                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe
                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --enable-quic --no-appcompat-clear --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --mojo-platform-channel-handle=4764 --field-trial-handle=1860,i,17205455559367761425,8087887266479412671,262144 --variations-seed-version /prefetch:8
                                                                                                                                                                                                          Imagebase:0x7ff69a8b0000
                                                                                                                                                                                                          File size:1'508'256 bytes
                                                                                                                                                                                                          MD5 hash:F452A15BC7E4392149F6BB2675EAAA59
                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                          Disassembly

                                                                                                                                                                                                          No disassembly